urlscan.io logo urlscan.io
SecurityTrails logo

amenazaytx.site Open in urlscan Pro
2a02:4780:b:730:0:2ede:94d2:a  Public Scan

Go To Rescan Add Verdict Report
URL: https://amenazaytx.site/
Submission: On January 21 via api from DO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 11 countries across 80 domains to perform 448 HTTP transactions. The main IP is 2a02:4780:b:730:0:2ede:94d2:a, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is amenazaytx.site.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 3rd 2023. Valid for: 3 months.
This is the only time amenazaytx.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 2a02:4780:b:7... 47583 (AS-HOSTINGER)
5 2a00:1450:400... 15169 (GOOGLE)
3 13.32.99.54 16509 (AMAZON-02)
25 2a06:98c1:312... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
22 3.210.159.45 14618 (AMAZON-AES)
6 2001:4860:480... 15169 (GOOGLE)
4 2606:50c0:800... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 205.185.216.10 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
9 16 185.89.210.46 29990 (ASN-APPNEX)
3 2a02:2638::24 44788 (ASN-CRITE...)
4 7 185.184.8.90 204995 (RTB-HOUSE...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
21 52.210.29.120 16509 (AMAZON-02)
7 51.89.9.253 16276 (OVH)
2 5 147.75.85.234 54825 (PACKET)
3 34.107.148.139 396982 (GOOGLE-CL...)
7 18.156.30.226 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
4 6 2.19.35.65 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
8 65.9.95.20 16509 (AMAZON-02)
2 20 76.223.111.18 16509 (AMAZON-02)
2 2 3.123.192.137 16509 (AMAZON-02)
7 37.157.5.141 198622 (ADFORM)
10 10 3.68.24.7 16509 (AMAZON-02)
5 6 37.157.6.241 198622 (ADFORM)
5 2a00:1450:400... 15169 (GOOGLE)
2 23.35.229.181 16625 (AKAMAI-AS)
6 11 64.202.112.159 22075 (AS-OUTBRAIN)
13 34.248.176.243 16509 (AMAZON-02)
1 213.19.162.41 26667 (RUBICONPR...)
4 37.157.5.72 198622 (ADFORM)
21 2606:4700:20:... 13335 (CLOUDFLAR...)
4 18.169.200.225 16509 (AMAZON-02)
1 65.9.66.11 16509 (AMAZON-02)
2 18.66.15.50 16509 (AMAZON-02)
4 2a02:2638:1::3 44788 (ASN-CRITE...)
6 18.133.22.21 16509 (AMAZON-02)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
2 2.18.235.93 16625 (AKAMAI-AS)
2 13.32.27.45 16509 (AMAZON-02)
2 23.203.124.180 16625 (AKAMAI-AS)
2 178.250.2.146 44788 (ASN-CRITE...)
2 34.247.128.14 16509 (AMAZON-02)
2 4 185.86.139.104 201081 (SMARTADSE...)
4 8 172.64.154.237 13335 (CLOUDFLAR...)
8 104.96.145.246 16625 (AKAMAI-AS)
5 23.203.124.192 16625 (AKAMAI-AS)
2 2600:9000:211... 16509 (AMAZON-02)
4 4 72.251.249.9 32475 (SINGLEHOP...)
2 216.52.2.30 30282 (AS-INAPCD...)
6 6 213.19.147.45 26120 (RHYTHMONE)
11 35.71.131.137 16509 (AMAZON-02)
2 2 193.0.160.128 54312 (ROCKETFUEL)
3 69.166.1.12 27630 (AS-XFERNET)
7 7 18.156.0.31 16509 (AMAZON-02)
2 2 54.88.156.252 14618 (AMAZON-AES)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 8 185.80.39.216 27381 (CASALE-MEDIA)
8 14 142.250.186.34 15169 (GOOGLE)
4 7 209.54.182.161 16509 (AMAZON-02)
3 5 2a05:d018:d29... 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
2 36 34.247.233.198 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
2 2 44.205.120.122 14618 (AMAZON-AES)
4 4 64.74.236.31 19024 (INTERNAP-...)
2 2 104.111.217.14 16625 (AKAMAI-AS)
3 3 198.148.27.140 19189 (PULSEPOINT)
1 2600:9000:211... ()
4 4 34.98.64.218 396982 (GOOGLE-CL...)
2 2 54.80.89.182 14618 (AMAZON-AES)
2 193.122.130.38 31898 (ORACLE-BM...)
2 8.18.47.7 398989 (DEEPINTENT)
4 4 18.203.20.80 16509 (AMAZON-02)
2 2 3.126.29.61 16509 (AMAZON-02)
1 1 85.114.159.93 ()
2 2 20.127.253.7 8075 (MICROSOFT...)
2 141.95.98.64 16276 (OVH)
3 3 185.29.134.244 30419 (MEDIAMATH...)
5 6 151.101.194.49 54113 (FASTLY)
4 4 18.158.8.202 16509 (AMAZON-02)
2 2 202.241.208.55 4694 (IDCF IDC ...)
2 2 80.77.87.163 46636 (NATCOWEB)
2 2 178.250.2.151 44788 (ASN-CRITE...)
2 6 185.86.137.133 201081 (SMARTADSE...)
1 1 185.183.112.148 60350 (VP)
2 2 54.171.54.65 16509 (AMAZON-02)
1 69.173.151.100 26667 (RUBICONPR...)
1 198.47.127.19 62713 (AS-PUBMATIC)
6 9 69.173.144.138 26667 (RUBICONPR...)
2 4 52.95.125.22 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
3 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.180 1299 (TWELVE99 ...)
4 185.64.190.80 62713 (AS-PUBMATIC)
1 1 141.94.171.214 16276 (OVH)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.87 62713 (AS-PUBMATIC)
448 84
28    2a02:4780:b:730:0:2ede:94d2:a (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)
amenazaytx.site
5    2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    13.32.99.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-54.fra60.r.cloudfront.net
cdn.purpleads.io
25    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.eswhik.com
14    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2    2606:4700:10::6816:4ae5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.sendwebpush.com
22    3.210.159.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-159-45.compute-1.amazonaws.com
api.purpleads.io
6    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)
eswhik.github.io
2    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.psdn.xyz
2    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)
818cc620f3ccaa74b8513e7bc705452d.safeframe.googlesyndication.com
6    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
16    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
7    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
3    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
21    52.210.29.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
ads.servenobid.com
7    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
5    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
7    18.156.30.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-30-226.eu-central-1.compute.amazonaws.com
tlx.3lift.com
3    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    65.9.95.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-20.prg50.r.cloudfront.net
ib.3lift.com
20    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    3.123.192.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-192-137.eu-central-1.compute.amazonaws.com
ghent-aws-fr.bidswitch.net
7    37.157.5.141 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
10    3.68.24.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-24-7.eu-central-1.compute.amazonaws.com
aws-fr-sync.bidswitch.net
x.bidswitch.net
6    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
images.outbrainimg.com
11    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
sync.outbrain.com
13    34.248.176.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
s.update.3lift.com
1    213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
smarttag.rubiconproject.com
4    37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
21    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
4    18.169.200.225 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-200-225.eu-west-2.compute.amazonaws.com
track.webgains.com
1    65.9.66.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-11.fra56.r.cloudfront.net
analytics.webgains.io
2    18.66.15.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-50.vie50.r.cloudfront.net
cdn.track.production.webgains.team
4    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    18.133.22.21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-22-21.eu-west-2.compute.amazonaws.com
api.webgains.io
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
2    13.32.27.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-45.fra56.r.cloudfront.net
public.servenobid.com
2    23.203.124.180 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    34.247.128.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-128-14.eu-west-1.compute.amazonaws.com
g2.gumgum.com
4    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
8    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
8    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    23.203.124.192 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2600:9000:211a:e200:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
4    72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
6    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
11    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
7    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    54.88.156.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-156-252.compute-1.amazonaws.com
ssp.disqus.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
14    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
7    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    2a05:d018:d29:3605:3a35:c032:6d7e:7081 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
36    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    44.205.120.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-120-122.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    64.74.236.31 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    104.111.217.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    2600:9000:211a:dc00:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    54.80.89.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-89-182.compute-1.amazonaws.com
sync.ipredictive.com
2    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    18.203.20.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-20-80.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    3.126.29.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-29-61.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
3    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
6    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    185.183.112.148 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    54.171.54.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-54-65.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
4    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
Apex Domain
Subdomains		 Transfer
48 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 506
ib.3lift.com — Cisco Umbrella Rank: 1350
eb2.3lift.com — Cisco Umbrella Rank: 333
s.update.3lift.com — Cisco Umbrella Rank: 6768
198 KB
38 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1318
usersync.gumgum.com — Cisco Umbrella Rank: 1725
12 KB
28 amenazaytx.site
amenazaytx.site
2 MB
25 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2657
smarttag.rubiconproject.com — Cisco Umbrella Rank: 13428
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 840
eus.rubiconproject.com — Cisco Umbrella Rank: 532
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1031
token.rubiconproject.com — Cisco Umbrella Rank: 551
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
56 KB
25 eswhik.com
cdn.eswhik.com
77 KB
25 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 45500
api.purpleads.io — Cisco Umbrella Rank: 28104
70 KB
23 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1645
public.servenobid.com — Cisco Umbrella Rank: 3061
16 KB
23 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
cm.g.doubleclick.net — Cisco Umbrella Rank: 216
212 KB
21 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9591
as.ad4m.at — Cisco Umbrella Rank: 28836
assets.ad4m.at — Cisco Umbrella Rank: 37206
1 MB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 207
acdn.adnxs.com — Cisco Umbrella Rank: 550
secure.adnxs.com — Cisco Umbrella Rank: 413
49 KB
17 adform.net
track.adform.net — Cisco Umbrella Rank: 3926
c1.adform.net — Cisco Umbrella Rank: 590
s1.adform.net — Cisco Umbrella Rank: 8701
74 KB
16 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 434
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
11 KB
16 googlesyndication.com
818cc620f3ccaa74b8513e7bc705452d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 156
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
89 KB
14 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 463
image6.pubmatic.com — Cisco Umbrella Rank: 702
simage2.pubmatic.com — Cisco Umbrella Rank: 654
image2.pubmatic.com — Cisco Umbrella Rank: 862
aud.pubmatic.com — Cisco Umbrella Rank: 4371
44 KB
12 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417
4 KB
12 bidswitch.net
ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 11986
aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 27313
x.bidswitch.net — Cisco Umbrella Rank: 276
5 KB
11 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 960
8 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 301
3 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 698
gum.criteo.com — Cisco Umbrella Rank: 385
mug.criteo.com — Cisco Umbrella Rank: 2848
dis.criteo.com — Cisco Umbrella Rank: 703
16 KB
10 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 780
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 565
5 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 387
218 KB
9 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1862
mp.4dex.io — Cisco Umbrella Rank: 1893
74 KB
8 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2439
www.google-analytics.com — Cisco Umbrella Rank: 22
21 KB
7 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 712
2 KB
7 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18712
api.webgains.io — Cisco Umbrella Rank: 49878
32 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
1 KB
7 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5807
creativecdn.com — Cisco Umbrella Rank: 533
2 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 554
2 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 521
4 KB
6 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 850
ap.lijit.com — Cisco Umbrella Rank: 595
3 KB
6 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2131
log.outbrainimg.com — Cisco Umbrella Rank: 2382
84 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
241 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1038
contextual.media.net — Cisco Umbrella Rank: 543
19 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 838
833 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
381 KB
4 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1048
667 B
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 648
1 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 420
1021 B
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 515
2 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
116 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 40045
54 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
2 KB
4 github.io
eswhik.github.io
25 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
2 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 525
1 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 803
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
3 psdn.xyz
cdn.psdn.xyz — Cisco Umbrella Rank: 65443
362 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3812
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4845
562 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
1 KB
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 931
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 935
1 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 393
2 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1128
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 689
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 835
83 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1224
585 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
930 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 516
2 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 650
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 636
1001 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 788
1 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1291
951 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 726
1 KB
2 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 2867
968 B
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 47056
18 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 767
4 KB
2 sendwebpush.com
cdn.sendwebpush.com
9 KB
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2968
419 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 373
710 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1513
712 B
1 adition.com
dsp.adfarm1.adition.com
503 B
1 smaato.net
s.ad.smaato.net
241 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 932
178 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2065
419 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1375
109 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
48 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8470
792 B
0 trafficroots.com Failed
demand.trafficroots.com Failed
448 80
Domain Requested by
36 usersync.gumgum.com 2 redirects g2.gumgum.com
28 amenazaytx.site amenazaytx.site
25 cdn.eswhik.com amenazaytx.site
cdn.eswhik.com
22 api.purpleads.io cdn.purpleads.io
amenazaytx.site
21 ads.servenobid.com cdn.psdn.xyz
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
ads.pubmatic.com
20 eb2.3lift.com 2 redirects amenazaytx.site
ib.3lift.com
cdn.psdn.xyz
14 cm.g.doubleclick.net 8 redirects g2.gumgum.com
ssbsync.smartadserver.com
eus.rubiconproject.com
13 s.update.3lift.com ib.3lift.com
s.update.3lift.com
13 ib.adnxs.com 6 redirects cdn.psdn.xyz
acdn.adnxs.com
11 match.adsrvr.org public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
10 ad4m.at s1.adform.net
ad4m.at
ssum-sec.casalemedia.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
amenazaytx.site
tpc.googlesyndication.com
9 securepubads.g.doubleclick.net amenazaytx.site
securepubads.g.doubleclick.net
8 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
8 eus.rubiconproject.com public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
8 ssum-sec.casalemedia.com 4 redirects public.servenobid.com
ssum-sec.casalemedia.com
8 ib.3lift.com cdn.psdn.xyz
ib.3lift.com
amenazaytx.site
7 sync.outbrain.com 6 redirects g2.gumgum.com
7 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
7 ups.analytics.yahoo.com 7 redirects
7 assets.ad4m.at as.ad4m.at
7 track.adform.net amenazaytx.site
s1.adform.net
7 tlx.3lift.com cdn.psdn.xyz
amenazaytx.site
7 onetag-sys.com cdn.psdn.xyz
public.servenobid.com
6 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
6 sync-tm.everesttech.net 5 redirects ssbsync.smartadserver.com
6 sync.1rx.io 6 redirects
6 api.webgains.io analytics.webgains.io
6 x.bidswitch.net 6 redirects
6 c1.adform.net 5 redirects ads.pubmatic.com
6 script.4dex.io cdn.psdn.xyz
script.4dex.io
6 region1.google-analytics.com www.googletagmanager.com
5 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
5 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
5 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
5 secure-assets.rubiconproject.com 4 redirects amenazaytx.site
5 pagead2.googlesyndication.com amenazaytx.site
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
5 prebid.a-mo.net 2 redirects cdn.psdn.xyz
5 www.googletagmanager.com amenazaytx.site
cdn.eswhik.com
www.googletagmanager.com
4 image2.pubmatic.com ads.pubmatic.com
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 creativecdn.com 4 redirects
4 cs.emxdgt.com 4 redirects
4 ad.360yield.com 4 redirects
4 us-u.openx.net 4 redirects
4 b1sync.zemanta.com 4 redirects
4 ce.lijit.com 4 redirects
4 ssbsync.smartadserver.com 2 redirects public.servenobid.com
4 gum.criteo.com 2 redirects static.criteo.net
4 static.criteo.net cdn.psdn.xyz
static.criteo.net
4 track.webgains.com as.ad4m.at
4 as.ad4m.at ad4m.at
as.ad4m.at
4 s1.adform.net ghent-aws-fr.bidswitch.net
s1.adform.net
4 log.outbrainimg.com amenazaytx.site
4 aws-fr-sync.bidswitch.net 4 redirects
4 eswhik.github.io cdn.eswhik.com
eswhik.github.io
amenazaytx.site
3 simage2.pubmatic.com ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 bh.contextweb.com 3 redirects
3 secure.adnxs.com 3 redirects
3 sync.go.sonobi.com public.servenobid.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
3 prebid.media.net cdn.psdn.xyz
3 mp.4dex.io cdn.psdn.xyz
3 prebid-eu.creativecdn.com cdn.psdn.xyz
3 bidder.criteo.com cdn.psdn.xyz
3 cdn.psdn.xyz cdn.purpleads.io
3 www.google.com cdn.eswhik.com
amenazaytx.site
tpc.googlesyndication.com
3 cdn.purpleads.io amenazaytx.site
2 visitor.fiftyt.com 2 redirects
2 d5p.de17a.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 dis.criteo.com 2 redirects
2 cs.admanmedia.com 2 redirects
2 tg.socdm.com 2 redirects
2 id5-sync.com g2.gumgum.com
2 sync.inmobi.com 2 redirects
2 pm.w55c.net 2 redirects
2 match.deepintent.com g2.gumgum.com
2 sync.technoratimedia.com g2.gumgum.com
2 sync.ipredictive.com 2 redirects
2 stags.bluekai.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 cms.quantserve.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 ssp.disqus.com 2 redirects
2 p.rfihub.com 2 redirects
2 ap.lijit.com public.servenobid.com
2 cs-rtb.minutemedia-prebid.com public.servenobid.com
2 g2.gumgum.com public.servenobid.com
2 mug.criteo.com
2 acdn.adnxs.com cdn.psdn.xyz
2 public.servenobid.com cdn.psdn.xyz
2 contextual.media.net cdn.psdn.xyz
2 cdn.track.production.webgains.team as.ad4m.at
2 images.outbrainimg.com amenazaytx.site
cdn.purpleads.io
2 ghent-aws-fr.bidswitch.net 2 redirects
2 www.google-analytics.com cdn.sendwebpush.com
www.google-analytics.com
2 unpkg.com eswhik.github.io
amenazaytx.site
2 cdn.sendwebpush.com amenazaytx.site
cdn.sendwebpush.com
1 aud.pubmatic.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 sync.adotmob.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 s.ad.smaato.net g2.gumgum.com
1 sync.taboola.com 1 redirects
1 s.company-target.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 analytics.webgains.io track.webgains.com
1 smarttag.rubiconproject.com ads.rubiconproject.com
1 www.googletagservices.com amenazaytx.site
1 ads.rubiconproject.com amenazaytx.site
1 818cc620f3ccaa74b8513e7bc705452d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.gstatic.com www.google.com
0 demand.trafficroots.com Failed ssbsync.smartadserver.com
448 123

This site contains links to these domains. Also see Links.

Domain
eswhik.com
www.kadencewp.com
Subject Issuer Validity Valid
amenazaytx.site
ZeroSSL RSA Domain Secure Site CA		 2023-01-03 -
2023-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.purpleads.io
Amazon		 2022-10-31 -
2023-11-29		 a year crt.sh
*.eswhik.com
E1		 2022-12-28 -
2023-03-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-23 -
2023-07-23		 a year crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
psdn.xyz
E1		 2022-12-29 -
2023-03-29		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
update.3lift.com
R3		 2022-12-29 -
2023-03-29		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.servenobid.com
Amazon		 2023-01-07 -
2024-02-05		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
gumgum.com
Amazon		 2022-09-06 -
2023-10-05		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2023-01-16 -
2024-02-15		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 83 frames:

Primary Page: https://amenazaytx.site/
Frame ID: 0FCA1FAE6D8873A758B3A694BBBB591A
Requests: 113 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: 800BABBA09A525491D783D3D40C28FCD
Requests: 14 HTTP requests in this frame

Frame: https://818cc620f3ccaa74b8513e7bc705452d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D9CA9F18A2DE7E485F093AACB305E584
Requests: 1 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: 6EB15652C48D9E56E4C0668F759DD81F
Requests: 14 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: FCEE3E2647FBE7F0474CF832A5DF52A8
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 0E842CF6D2D06695D501DF7E6C4EF6AD
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Frame ID: 9652ACE66A3C3BE705451299CF7CBDBD
Requests: 15 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/22554.js
Frame ID: 07FA99B9303567095F19BA6BBD8A3FA2
Requests: 4 HTTP requests in this frame

Frame: https://ib.3lift.com/ttj?inv_code=Purpleads_RON_Banner_HDX_Prebid
Frame ID: F6D13798A05CADEF17BC02DDC0A2E8A0
Requests: 20 HTTP requests in this frame

Frame: https://ib.3lift.com/ttj?inv_code=Purpleads_RON_Banner_HDX_Prebid
Frame ID: EAAEDDD88E305E1595E6023CBA86A042
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0F7760C574FBB527939D1C3B90837406
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=33501765;rtbwp=0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0;rtbdata=sRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0;;OOBClickTrack=
Frame ID: 7E718720B16067A3ED3526661FE61A0F
Requests: 8 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: 798CBA1BEA75FAA43C4184BFA9E7FBDC
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: D31539C7980BD7E0D5A617C8D0A5A23B
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=58174908;rtbwp=0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0;rtbdata=pI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1;;OOBClickTrack=
Frame ID: 6ECB4377DBC28EF759083664853E0CDF
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022301041800000/amp4ads-v0.mjs
Frame ID: B3ECB65F4CFC8853F37C397F7E2A8732
Requests: 16 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: 99C32E61472D013DE74F4947FB476F6F
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1AC15F178480E1068DC4E328C324F5C2
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 15BB9683CA016D5510513AF472892DE6
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196899&b=K19HRfRkQ9FGJMes5Hrt4HPtYG1a8TATXAaq&f=k5gs5fQP86FdRWgH4HZtpHmCk53UkTjTBRhR&c=970&d=250&e=&g=c5525dcf2ec8bfbb239f1d483c36bc81%2F15498422038251962271&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1674322056987&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D58174908%3Bcrtbwp%3D0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0%3Bcrtbdata%3DpI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DhIQzL1URogrGDDExtPWVkMnByvRlVEyqof1lNPm-ZGH4K1eXuCEchtZTea-mcnB63imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlTyCUwOOVyN2KsJdQY-vvw3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 21BEA1F6BC7580B1E1F0DC721E4913D5
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: FCFA4A51770B3FEE48B1978685ED27EE
Requests: 18 HTTP requests in this frame

Frame: blob://https://amenazaytx.site/a3e3d9fe-211d-4d98-922d-f3521eab9815
Frame ID: 83500C92DC4E9E4B95C40287674012BE
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=44835
Frame ID: C0C97A1E7D98ABAFD3179B673B703661
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=80179
Frame ID: 5C927E147744F424486D03D64790F9FD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1788F903715608B481E04D876FF1F23D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D9C213F3A2448A8601A64EA9B13261E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=amenazaytx.site
Frame ID: D149E792C6648BF50814D4289B23F95E
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: EA61E46457964A274C6692F5C1C45694
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 37117A1CDAD0458D19DA680EE5AD7F40
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: EA53228CA668A6DEDE81540465B8BE04
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1674322055311
Frame ID: 2E0EFE580067A0B742671C216EF82A29
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C931ECF1D8CA46FF2F6456BEB1C2948
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: BBF042F58CDBC00BC4EF5C4873556601
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 973527E78E01FF519CEC2156D769100A
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: E0D3AB20492D1794EEA4B631C42EAE86
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1674322055311
Frame ID: 41557DB38D3B539DC75CDDB20873AEA9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 570FE2A6E700318DD0BF0A13AF05A491
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 64E939FB7ABD123E8D2FBEF298355199
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 910B77C52C95D6A2DEA297B7BEA8F15B
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 681362656470F6D1B277C40ED2AFED24
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: C4D8B6E10B0B18B176560819068DA0BA
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: B7F5CB7C63848478BF2E7C119EA1C3BB
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: F74DFFC647CA32A2E40169F831004131
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 52E65E1458CC56CB32EC54AD6220A0AF
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 36F5F5520D5D069EFFDE3183738A6087
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 9474C902E8B9A59CC42759B2143232E0
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 32882B1C42F629D8CA703C171DDAD1BB
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 30B4ADD2545984E4264DC808F8EA9AFA
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 68B055210332A70A320B344943F4574B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 40498A429CF517E8D75C7D34676E9338
Requests: 10 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 7046E1D394070E71FB137D5691A15984
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=amenazaytx.site
Frame ID: D8BE3EC2ECF4689D4F00041205C3065E
Requests: 2 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 9BC68C2B02A887C1734D117A7D5A4D78
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 7806BA380279028D68910C2836A03A22
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 1825F999206331D7D444338D2F0EDF89
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=46b763cc-208a-4f00-ab79-a1bf17620889&gdpr=0&gdpr_consent=
Frame ID: 11F980FA022B31076316FFF362BD798F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y8wgigAAA8L1gAAh&gdpr=0&gdpr_consent=&_test=Y8wgigAAA8L1gAAh
Frame ID: CC54122E98227E78BE6E022E17D980C3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iZjFkMTlkMC1lZjBkLTQwNWItYTQ3Ni1iMjk1YmYwM2RmNzY=&gdpr=0&gdpr_consent=
Frame ID: 1E288D786C89D03A0829CBBA541F3D33
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=2016046212463888684brt51571674322058758286f1
Frame ID: 94DD358E155206077664E8FEC2A04870
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y8wgi8Co5tEAABsZD-sAAAAA
Frame ID: 9AC611197918EF1C168F9D5E19D40067
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=6b792583-8817-4136-854d-4350031db03a
Frame ID: E6C9438CC9D408B3D35580A76CEF75EF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y8wgih9Y2mshrupLH00G.AAA%261188
Frame ID: F6B3AE57103BB6A3CDB9ECC7754E63C0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=ffU6dhiPVn9A68e0CY6L&pi=gumgum&tc=1
Frame ID: C2C5BDD393F8901925025E16087BA543
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: A1C8419FA361D3B074CB447748D1FC6B
Requests: 3 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: D812201F446FECF8107DFE616E35E0EC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 41E3913AC61E1C800F76709084FE5484
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 121CC06203BBDC652D75AD825A5D14DF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=d02763cc-208a-4600-94d6-be2c038cecda&gdpr=0&gdpr_consent=
Frame ID: 9AC6E04E4C82E4935C00B8EF5E36905B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y8wgigAA-aGWRQAb&gdpr=0&gdpr_consent=&_test=Y8wgigAA-aGWRQAb
Frame ID: BD61C9BB8D9692201B89A6A7EB78FE8E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mMTBjNWY2MS1hZDViLTQwNWMtOTY4Zi03YTg0NzllMmUwNzM=&gdpr=0&gdpr_consent=
Frame ID: E8714A33F21A0D8537C96BF4D929F809
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=2016046212463888684brt51571674322058758286f1
Frame ID: A6EDAC08C9BFB551753B1C682CD7F814
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y8wgi8Co5sMAANC0Cj4AAAAA
Frame ID: 8012593F7C9545591051513983C0EC30
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=18eb43b6-109d-4bbb-9725-f20e32f07625
Frame ID: 8532538EED39FBFCE273CF7BF5A8C177
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y8wgih9Y2mshrupLH00G.AAA%261188
Frame ID: E0ABB93C8540FBB57976AC9253D69438
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=ffU6dhiPVn9A68e0CY6L&pi=gumgum&tc=1
Frame ID: 58A62619894708F19F1647B09E64F303
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: D67525ED791AA0C584F8AA54B38C5E3B
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6714FF8F-173D-42C6-859B-C9C2E6553461&gdpr=0&gdpr_consent=
Frame ID: 0721D41041B39E5500A0DF003DC15DA8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d02763cc-208a-4600-94d6-be2c038cecda&gdpr=0&gdpr_consent=
Frame ID: 523F5E00FD3B8C36B9645ED756D76146
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6313680074340446688
Frame ID: 94B02A65F3030D85E030256C0B4AEC32
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 19455A7518557EC3BEC12026E42E5AF0
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6714FF8F-173D-42C6-859B-C9C2E6553461&redir=true&gdpr=0&gdpr_consent=
Frame ID: 324782C1F6682C80B7C4CED975F8F655
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NdE-8DHSZfEu0m3wMINw8GLVZPcu2mWjYoYbh2Xp
Frame ID: 8E9DFAF3CE78AE10EFC4D296DA632632
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=6714FF8F-173D-42C6-859B-C9C2E6553461
Frame ID: 907BD1251DD6F47942FB50EDBF6F47C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MundoYT NBM - Tus mejores archivos aquíAlternar el menúContinuarContinuarContinuarContinuarContinuarContinuarContinuarContinuarContinuarContinuarSiguiente

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

448
Requests

82 %
HTTPS

27 %
IPv6

80
Domains

123
Subdomains

84
IPs

11
Countries

5569 kB
Transfer

10478 kB
Size

119
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 169
  • https://ghent-aws-fr.bidswitch.net/imp/0.016/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R33501765_Qrtbwp_R_I_WAUCTION__PRICE_X-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0_Qrtbdata_RsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI__SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK__aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/hVe4BeRF0iEQKLdsio_4gPQbCzl9QaLPJTyWCB2WDJ3WjXMdobKitqE_iF_8pKRpyk4FPq0RFyJ1fwuzwaZ5QojrJ2txzmISJvN_6qr3IiBIEDEJQ-DVl4ZyPG1v03KAByfxegBon_nDGT_pYzGKrI-AhsZ1R8JU23zZTA3WvV9UGZm6dQFDUIJhTAe-7gwvL_C-ZZcvmMzeIBPcwYjAtlRDvZana__IcJoI5jurI9tb6KPf4kqyZ1496RjNdz1GNEaWBFAxOXSpu7oWnZBwgMwvEHpCwXvhGy6X6fP9bLagEpVEf9HbsAsvQAgh-G_WwVV0NcSMh-alv7y2v9vYaiT570tr-7UA4HnhXa1efkWVhlNl2ODcUVdn-hdPbdWtq_m-MDedET0132pUsaes8njDdvUal1h63GoYGx4RPy7p2W-P8Ea09Ytn_zQkTnJSUsJUrrVCigSNuiuCV45J71YDeH2hrizUXX0UAeq2VqugbQHe5HPLFW8qtVnG3mY-dJ65Ghaw3fc5rlruO2ZLWl1DuRtt4MTYGLMmj2iKUvnsuBM0vppfbvezEwJGamqviOE6KeSv-Hh76upfXsh34DZbvCu92aw720jN4pSqSs0LWmQDWM_OJenrHGpNRp-VxfHqsbzobjnVTCN4zSROlXrTAqLUe6INoi-1W53eKzGvyPwxkbBE_Yylj3qx9sD5Q1ALxMS3fFWDKf4QCGhGjYvz2FzBuQNY6FhC6MDGKQAbp3-U1PqqMsxYj76iuQj5jHEFmcQJWFb3bkCpBEhmilQ6X-m5y960sg8LzEDOYlt_aghwu1qLs-4UXvhhlWArcgAEcEfG-6DrjgUlJTFiWJ2rChD9tUkYfPPZiztUKXedYgL0afPhFtHyQZS3aD9cP3NPpTQo04_PSAtOBiCS5ENTk2KqZC4oI-RoA5pbPMuRnmaoNo9cyu7Hkh368goQzBxozQ0ahqBpdSTUMDNcdVDt2k8rRKb2WMxF_XRXwdcr4I5zWpYJ_MJ2v7NGezVClbytWpFyoLPgY9YVSrsyyVNbq_QHS-1UKmL313WatbATQJeQF3gCOZYQOZDI8VXdkUoLdkvQN_ofNSWXusOfhypyrjoWLO3JJgWVDIsr/ HTTP 302
  • https://track.adform.net/adfscript/?bn=33501765;rtbwp=0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0;rtbdata=sRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0;;OOBClickTrack=
Request Chain 170
  • https://aws-fr-sync.bidswitch.net/sync?ssp=triplelift&dsp_id=70&imp=1 HTTP 302
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=triplelift&dsp_id=70&imp=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7685950011543737331&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 184
  • https://ghent-aws-fr.bidswitch.net/imp/0.013/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R58174908_Qrtbwp_R_I_WAUCTION__PRICE_X-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0_Qrtbdata_RpI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj__u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/CcdixfKbpxnF5OPJqeXekMkeF9m_R7-ADRQYvGZ7xwnW5uvwaqZ4AnYJTQf2ZxRFz8XLq99TmN4VAYfH-pejMZvcCPJkDWF6lqCTUmUP-8tlPZ0Tc5ef4DgCon7wdrfqnH2xRYUi42SjTZiPwm-cN-mrp8HmwL5BtD9UymobIsOA6YTmBMqLkIhN-CQAWFQ8pj9LBF2e8VAaI3PPwe4BUN3lFfhr-QC9J-zjI7-EDTWcyq0blKgIfIEyTOoYWmqZ9NY90fA_Ao945WvGBMEk7NfIftKePWCSrG7dnN-lwLVO5zLcG6gwIKz52DcpIioNAptsPHzCgyU9nlUkOzyCgxt0VmZ01thG_a9BtDybyEx6A71ZekQIKSZFUdPjJlu_8PffNaJYRPSvkwYgWBb4nCnGMqAHB1dnelpbrRUYo2SQGXvArS-dnY8THEGG_sOCPXqSfg_C0CbTWN9nJZhEP34zEGp2QX8VuebMuYnSKW2ypqXg0ZPPITXtKoGGO1gUQjlTRQ6NClbJd9t0afbJ_TXO55_Md7QRUsEF7oVOKNCZQT4SgqPs85XgcKAha16XhbAPYT6bgMlOiwyz40fquZIuBgy9VBrX9RykJfEihYKjS3zcPhv7_ZVVmial8r08KU5IVYQPEd_L6P_Xz2_gC5Y33G5rG7Jk123k6odlu75wLeqnYVVAAWRMfcJJW4uX0I-pvwCvFRi7JkJXpGAR9y2iL2ns0B1RHhNelhV98anEcf4e67aWTAumQ_nOdjmChl-ro1oALjiGlEUv8jZu1VqxXmPwouezkHLxnNCgP67qNgsr0LZIFc9G-ZQyAyR8rwB_-fv_SB9G4VbMrs1lkHEtLE9rsA2yqVMB_XBnmkTJCGQShxle4vHDzE7yDOaDLBcZUwAr90n8JWtEZGt0x7XDrEesrrs6_GLm7ppu6Bf5b-a8n7F5gvWBEZMLxpD-sEz_asi5v5wnVuGXO9DYZk4t39jhdyW4nhVoa6ClixexFjcU0EQ8AoX10Yjpv4cRyQWMD7KSnw88Qoj533vyUy_oSW_Y2ECELAOELh7arGBjLjYW7o_TqotavlyZpZDCbkApxwIjNTmIfgJ7vKWlSzIWBIDt7WbZyczZC43GrQ/ HTTP 302
  • https://track.adform.net/adfscript/?bn=58174908;rtbwp=0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0;rtbdata=pI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1;;OOBClickTrack=
Request Chain 185
  • https://aws-fr-sync.bidswitch.net/sync?ssp=triplelift&dsp_id=70&imp=1 HTTP 302
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=triplelift&dsp_id=70&imp=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7748378143796879746&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 294
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=amenazaytx.site&sn=ChromeSyncframe&so=0&topUrl=amenazaytx.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=1AsnKHxtZXI3TXVtclRXSWwrbWgweE1CY1JvZ1FpUmovRUlCMng2SHBsMWF0Y3VmZ3ZzbU5ZdEdzUjhuMHhTbFhZWTBOU003SENtd05JRmxxUFNhNGtxMkxSWktvRGt4NWF6b3JnRHZHcHlKRHB2MXRlQ3M1bCswUDNKbzFVb3dTRTJwZHpCL3JiMWxHU3RJRHprMnk0Nzd5MCtHbUxjOGFyMHdTTERucHpoN0Z4UWI4VGlvY1FaMVVLZ2k1UFUwWWl1UTdHTERBUy9pMThKa3A0WitjTGFPL0toUzUwUzlNb3NCM3ZGa3dpSmozenVmNFRZOHZBTzA1N214Y01aYmZtNEdaQ3VCcVBTRWl1WmpvVTF4QWNGb1Q2QT09fA&cppv=2
Request Chain 298
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 299
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2016046212463888684
Request Chain 303
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=GBkXrRZH1u9_9NJ1RwG2L1VO
Request Chain 305
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1674322058548 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1055560538
Request Chain 306
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5109685625856370940
Request Chain 308
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=35c2f77a-2445-434f-bf1c-55ddfc57adf1&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 309
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
Request Chain 310
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUyAhsOOAE=%26buyeruid%3D%7BUID%7D
Request Chain 311
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
Request Chain 313
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2446853442974065804
Request Chain 314
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=GBkXrRZHEvNfRciuRfSY9hD5
Request Chain 318
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1674322058547 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5792525706
Request Chain 319
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5107433826115661770
Request Chain 321
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=fdc3ae2b-2a51-4008-89ac-29177a8bf1a1&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 322
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 323
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
Request Chain 324
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUyAhIGOAE=
Request Chain 325
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
Request Chain 326
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 333
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y8wgih9Y2mshrupLH00G.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMXcoprzAcjwcHaVQC8pOhA&google_cver=1&google_hm=2
Request Chain 334
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB&dcc=t
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF-oac7sCYOdlwSMRAJLqo4&google_cver=1
Request Chain 338
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB
Request Chain 339
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1689960459&external_user_id=3130712b-89fd-439f-9149-945d790a00c3
Request Chain 340
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2016046212463888684
Request Chain 342
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y8wgih9Y2mshrupLH00G.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMXcoprzAcjwcHaVQC8pOhA&google_cver=1&google_hm=2
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8wgih9Y2mshrupLH00G-AAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF-oac7sCYOdlwSMRAJLqo4&google_cver=1
Request Chain 345
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgih9Y2mshrupLH00G-AAABKQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgih9Y2mshrupLH00G-AAABKQAAAIB&dcc=t
Request Chain 347
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y8wgih9Y2mshrupLH00G.AAA%261188 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3f0ac86e-38ab-414b-8cd7-82801c91547e-tuctac5a60a
Request Chain 348
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6854CB30F65E4DD5AD389BA22166AC37
Request Chain 352
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2016046212463888684
Request Chain 353
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_bf1d19d0-ef0d-405b-a476-b295bf03df76&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=s_vraLf4sGmo-LhotqmlaOT_sW-o8LA75Kw6teZS HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=70e23e84-137f-4ab6-a53d-3e8ca2211bc8
Request Chain 354
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-63406a5f-bca7-40bd-6732-13b1c082dcdd$ip$81.95.5.35
Request Chain 355
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_bf1d19d0-ef0d-405b-a476-b295bf03df76&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=LeraK709trR-xyHWGVGe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TDFOJQUWNZQHF2HEURNPB4UQV2HKZDWKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TDFOJQUWNZQHF2HEURNPB4UQV2HKZDWKJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=LeraK709trR-xyHWGVGe&us_privacy=1---
Request Chain 356
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4731530633
Request Chain 357
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=ltcliWkVjCRo&ev=1&pid=558355
Request Chain 358
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%282jIotWoAlcskicmEAemP2gla5hF2fxyTwlAq_5kvbYbRx8e6CXpwpmVHq2dSAP6_%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%282jIotWoAlcskicmEAemP2gla5hF2fxyTwlAq_5kvbYbRx8e6CXpwpmVHq2dSAP6_%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_f10c5f61-ad5b-405c-968f-7a8479e2e073&obuid=ENC(2jIotWoAlcskicmEAemP2gla5hF2fxyTwlAq_5kvbYbRx8e6CXpwpmVHq2dSAP6_) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DODvWQI8IBkIdwWrxhYICG2O5sRP3cO6rwYHJre8ci5Phdhz4lPA6yoYNLskMlRko%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Request Chain 359
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=a792799f-e1dd-4d6f-ad2b-8f5a51106918
Request Chain 360
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3FOWKw9E2pd.m48O.RNmrk41io6MsECACL6p~A
Request Chain 361
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=8cd91b7f-5bec-4cdb-9c7d-3b6b815d6b61
Request Chain 364
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=986b257b-0cbb-4dd7-bdd3-a20ad513e047
Request Chain 365
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6210925492460689372
Request Chain 367
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2016046212463888684
Request Chain 368
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_f10c5f61-ad5b-405c-968f-7a8479e2e073&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D70e23e84-137f-4ab6-a53d-3e8ca2211bc8 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D70e23e84-137f-4ab6-a53d-3e8ca2211bc8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=jwHjvmsY1PjhEu5&expires=30&ssp=gumgum2&bsw_param=70e23e84-137f-4ab6-a53d-3e8ca2211bc8 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=70e23e84-137f-4ab6-a53d-3e8ca2211bc8
Request Chain 369
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d7af8d80-78c4-43fb-7a8a-8e3d8de89a67$ip$81.95.5.35
Request Chain 370
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_f10c5f61-ad5b-405c-968f-7a8479e2e073&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=eizd2c8NnurY6bVOfeYy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZLJPJSDEYZYJZXHK4SZGZRFMT3GMVMXSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZLJPJSDEYZYJZXHK4SZGZRFMT3GMVMXSJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=eizd2c8NnurY6bVOfeYy&us_privacy=1---
Request Chain 371
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8927882975
Request Chain 372
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=SxmWNcUVpwUn&ev=1&pid=558355
Request Chain 373
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ODvWQI8IBkIdwWrxhYICG2O5sRP3cO6rwYHJre8ci5Phdhz4lPA6yoYNLskMlRko%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ODvWQI8IBkIdwWrxhYICG2O5sRP3cO6rwYHJre8ci5Phdhz4lPA6yoYNLskMlRko%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_f10c5f61-ad5b-405c-968f-7a8479e2e073&obuid=ENC(ODvWQI8IBkIdwWrxhYICG2O5sRP3cO6rwYHJre8ci5Phdhz4lPA6yoYNLskMlRko) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7191158490676590734&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING
Request Chain 374
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=a792799f-e1dd-4d6f-ad2b-8f5a51106918
Request Chain 375
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3FOWKw9E2pd.m48O.RNmrk41io6MsECACL6p~A
Request Chain 376
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=50c81bb0-3200-484b-9110-6c26cd6741e8
Request Chain 379
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=986b257b-0cbb-4dd7-bdd3-a20ad513e047
Request Chain 380
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2034877323966781362
Request Chain 382
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 385
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=46b763cc-208a-4f00-ab79-a1bf17620889&gdpr=0&gdpr_consent=
Request Chain 386
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y8wgigAAA8L1gAAh HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y8wgigAAA8L1gAAh&gdpr=0&gdpr_consent=&_test=Y8wgigAAA8L1gAAh
Request Chain 388
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=2016046212463888684&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=2016046212463888684brt51571674322058758286f1
Request Chain 389
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y8wgi8Co5tEAABsZD-sAAAAA
Request Chain 390
  • https://cs.admanmedia.com/sync/gumgum?puid=e_bf1d19d0-ef0d-405b-a476-b295bf03df76&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=6b792583-8817-4136-854d-4350031db03a
Request Chain 391
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y8wgih9Y2mshrupLH00G.AAA%261188
Request Chain 392
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=ffU6dhiPVn9A68e0CY6L&pi=gumgum&tc=1
Request Chain 393
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 394
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 397
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=d02763cc-208a-4600-94d6-be2c038cecda&gdpr=0&gdpr_consent=
Request Chain 398
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y8wgigAA-aGWRQAb HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y8wgigAA-aGWRQAb&gdpr=0&gdpr_consent=&_test=Y8wgigAA-aGWRQAb
Request Chain 400
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=2016046212463888684&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=2016046212463888684brt51571674322058758286f1
Request Chain 401
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y8wgi8Co5sMAANC0Cj4AAAAA
Request Chain 402
  • https://cs.admanmedia.com/sync/gumgum?puid=e_f10c5f61-ad5b-405c-968f-7a8479e2e073&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=18eb43b6-109d-4bbb-9725-f20e32f07625
Request Chain 403
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y8wgih9Y2mshrupLH00G.AAA%261188
Request Chain 404
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=ffU6dhiPVn9A68e0CY6L&pi=gumgum&tc=1
Request Chain 405
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 407
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=amenazaytx.site&sn=ChromeSyncframe&so=3&topUrl=amenazaytx.site&bundle=t70A0l9yNFdZeGlvc0k3JTJGODZGRG9TJTJGRFNOVyUyQjhWY0hPeVc5aWZtaW1wQ1NZVUhDVyUyQm9hcFlNV2hXUmJ0Nm1lUFpYakZ5YiUyQjdTSTBrSWFsbmJwR0JsQ3ExN0hteVhCelA5d0dhOWhKUktCOWVJeWh4OFJOVTVQQW40dVVIM1J6MjNhREF6b1d6OFpWJTJCdG1mJTJCSW83dVpwUUYydyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=IyAH7XxlZ2lKWmliVnFyR1B1azBTMGJHdkZXQzBnR1NaRXR6SnVWM0p4WVMwVDc4WHl5WVBRemlFZUMxWEtxOVBjNHZSOEVLWVpjTXNGQ2xzdURNdnpaS2pGeTI0VkFkWG9HYk9CNHNOS1JvR0NSSWtYMlIwdjl1b05NeEswSjRvd2FYMml4bEw3THFVaWhHdnA5NTZHRlBhZm9JdW45S3VRL3ZSdDkya2lKZWFqcVRBZGo5Vk81OU03UjVrbkZmc28vNVF4N2RoaGdiYm5SSjFYWlh4N0dtNmttTFVpRkpHUHFqR0VjeDJwaTNuMFIxZ0dwSkV2N2VkV3F5NENka09DZW9qM2lBblBGeXgzY0dvY3lYUVB0ZTEyYjFTUko1b2ZjaTJnUENQLzVLVXB0ND18&cppv=2
Request Chain 410
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d96f3d5c-0bc3-4006-8890-29cf3a92c074&gdpr=0&gdpr_consent=
Request Chain 411
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08a322040308edb06ef0d5a9&gdpr=0&gdpr_consent=
Request Chain 412
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjAzNDg3NzMyMzk2Njc4MTM2Mg==&gdpr=0&gdpr_consent=
Request Chain 414
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjAzNDg3NzMyMzk2Njc4MTM2Mg==&gdpr=0&gdpr_consent=
Request Chain 415
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGsLU7HmEEAACBkRRaruA&gdpr=0
Request Chain 416
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=cYBt42f1TJyk&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 417
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y8wgigABHlv1dwAh
Request Chain 422
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tyu2XHFeN-MaGA_FO7bTkMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PQFRiqxE2oJ_nM719snEvRePy76EIP_eqzzvvg--~A
Request Chain 423
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ2ODRFUE4tMU8tMlVVUQ==
Request Chain 424
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmaoMRw2oM_bWhhSw057kI&google_cver=1
Request Chain 425
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OThkYjllNTdkOTgzZGNhZjA4OTAzZTU3ZGUyMzdhMDE5OWZlZWM2Mg
Request Chain 426
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s-u4O4mjQsexTV75sW_-EA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s-u4O4mjQsexTV75sW_-EA
Request Chain 428
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD684EPN-1O-2UUQ
Request Chain 429
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OQAa6MEVQ-KnhDyoeS0NKw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OQAa6MEVQ-KnhDyoeS0NKw
Request Chain 435
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d02763cc-208a-4600-94d6-be2c038cecda&gdpr=0&gdpr_consent=
Request Chain 436
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6313680074340446688
Request Chain 437
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 439
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NdE-8DHSZfEu0m3wMINw8GLVZPcu2mWjYoYbh2Xp
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZxT_jxc9QsaFm8nC5lU0YQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 442
  • https://pixel.onaudience.com/?partner=214&mapped=6714FF8F-173D-42C6-859B-C9C2E6553461&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 443
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6714FF8F-173D-42C6-859B-C9C2E6553461&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6714FF8F-173D-42C6-859B-C9C2E6553461&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6714FF8F-173D-42C6-859B-C9C2E6553461&addseg=19,36,42
Request Chain 444
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjcxNEZGOEYtMTczRC00MkM2LTg1OUItQzlDMkU2NTUzNDYx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJgdOY4DCiQwBQqnIAyTdpc&google_cver=1
Request Chain 447
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7748378143796879746

448 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
amenazaytx.site/ 		103 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.2.34
Resource Hash
9e3afd8335c2469868818715de35301fc4060c5e54fa0047c0aeae6a9b52fd81
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 21 Jan 2023 17:27:26 GMT
link
<https://amenazaytx.site/wp-json/>; rel="https://api.w.org/"
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
wp-emoji-release.min.js
amenazaytx.site/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 24 May 2022 23:45:53 GMT
server
LiteSpeed
etag
"48b9-628d6e31-c34caf64fe392e84;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4572
expires
Sat, 28 Jan 2023 17:27:27 GMT
style.min.css
amenazaytx.site/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 12 Jul 2022 23:44:29 GMT
server
LiteSpeed
etag
"15b64-62ce075d-be40088ceb664da0;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
10703
expires
Sat, 28 Jan 2023 17:27:27 GMT
cookie-law-info-public.css
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
910 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"c22-63a5becf-815ad1f37405df36;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
824
expires
Sat, 28 Jan 2023 17:27:27 GMT
cookie-law-info-gdpr.css
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"6a71-63a5becf-995bc4419ba8c806;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4069
expires
Sat, 28 Jan 2023 17:27:27 GMT
global.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"4bb7-63713abc-daa6b411c7136226;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4238
expires
Sat, 28 Jan 2023 17:27:27 GMT
header.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:09 GMT
server
LiteSpeed
etag
"6c84-63713abd-47f94de2a1c697cd;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4235
expires
Sat, 28 Jan 2023 17:27:27 GMT
content.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		32 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"7fcd-63713abc-d3e87fec4bb3ac3;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
5481
expires
Sat, 28 Jan 2023 17:27:27 GMT
sidebar.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		749 B
280 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/sidebar.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
51bb6e5e42da084b36fc157bdc14d6df9a559d918da43fd26bc9ff80d9e1b4d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"2ed-63713abc-6af42f615ef6b4b0;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
218
expires
Sat, 28 Jan 2023 17:27:27 GMT
footer.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:09 GMT
server
LiteSpeed
etag
"49c0-63713abd-212bce3bfdc7c558;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1651
expires
Sat, 28 Jan 2023 17:27:27 GMT
button-styles.css
amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 09 Jul 2022 01:57:03 GMT
server
LiteSpeed
etag
"2293-62c8e06f-98b34d63d4f3ed6d;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1212
expires
Sat, 28 Jan 2023 17:27:27 GMT
jquery.min.js
amenazaytx.site/wp-includes/js/jquery/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 10 Mar 2021 20:37:24 GMT
server
LiteSpeed
etag
"15db1-60492e04-d6db397d9b8af042;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
30027
expires
Sat, 28 Jan 2023 17:27:27 GMT
jquery-migrate.min.js
amenazaytx.site/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 18 Nov 2020 14:36:06 GMT
server
LiteSpeed
etag
"2bd8-5fb53156-b75f952454f0e777;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
3984
expires
Sat, 28 Jan 2023 17:27:27 GMT
cookie-law-info-public.js
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/js/ 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"8583-63a5becf-345abe83e0853f6a;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
7094
expires
Sat, 28 Jan 2023 17:27:27 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4a342884f4e8c074f8361fea7eb474b64e31c45a850b37c12ea9c5c7d18ae7fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77715
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Jan 2023 17:27:33 GMT
agent.js
cdn.purpleads.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 12:48:01 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 12:47:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
16773
etag
"0df64eee76617d6b8b842eaf114234f3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20006
x-amz-cf-id
LpQbcreAzmvz_jMh-soiPpul8I4a_fHDzmH3eS2MMumCG2K6Az24gQ==
theme.js
cdn.eswhik.com/npm/ 		313 B
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/npm/theme.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5536aad22eaec75feb7fea986b8f40679daefaf9ad561eb2965c756d474947c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157459
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 25 Aug 2022 17:49:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0T4pU4rORjpbBYJUIffcDkUb%2F2i66W%2BdwXGJyxELygSNM5KueSoFQcsoeVwYK9gBznNsfSRCcsq5VY4b%2FFkR1TRZbLFLLIiH6pZG9sQkLvHkiKkEuSv3rEXJ9NMCBWHxmIrYyFFjGtqREggXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2bc098b9bbe-FRA
expires
Thu, 26 Jan 2023 21:43:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dc4b7e55acd9cfebf785fda170afd378f8f3a3b4c04a9f7c964d5da409b82fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1458 / 653 of 1000 / last-modified: 1674256154"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Jan 2023 17:27:33 GMT
603d92f98981a_2103.js
cdn.sendwebpush.com/adsendwebpush/client_services/ 		1 KB
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendwebpush.com/adsendwebpush/client_services/603d92f98981a_2103.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4d1b836c2b902736e6390d5ce16ef2fb08b804585c60f4958cc2a23d7b0278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 30 Dec 2022 16:43:35 GMT
server
cloudflare
x-amz-request-id
J17HH7Y9T2JT3YAQ
etag
W/"697bdc9e1c4066bef42ca6d6f8c97372"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
78d1c2e22b499b61-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Z8Zv0Yrwanp4DQtt8masK2SVpP2GU7hEK1jD3mjrPewBFG9KKfwmFDbTxXVJqS1J9Iwt/UR640A=
close.png
cdn.eswhik.com/img/icons/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.eswhik.com/img/icons/close.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9567220eb5f2b07603aae51a311748502edfa671e807f99196f34af344ef306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116779
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25704
last-modified
Tue, 29 Mar 2022 01:23:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvXzE2rAGPrgcPnrU3X%2BGGLAFmhoYhIg5I8QnSMpd%2BuuTjWm%2BbBzH8gWf%2BULsfNP8OpVbM%2FK99I6alQ1wc3R%2FRXR4jIXbDWcZPX1Uqs%2Bz5lRL78%2BpK6ADEpNq8SyU3izNjDkrnSg6AOjk55PFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
78d1c2e07ca19bbe-FRA
expires
Fri, 27 Jan 2023 09:01:14 GMT
ip-350x250-cpm
cdn.eswhik.com/drive/ads/ 		825 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/ads/ip-350x250-cpm
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0121bf42f1b2aa9d0a57f8911e9a80d4744a910ccf8c1363b2ddbcf58765992e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 27 Apr 2022 02:13:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq%2BavIlGN5Efbo1f8g2rStAvO33ggwbaEXIu5KG%2FJk3A21fNJ5VM3CqQre9eMryAmTFm13BDpKmyMEEeJm%2BPZXOElHgS0eGXvYFvJXahPUXdv9h8whjHGwf2Hr4S0xTkJVGNUOBPQXT6rGDd3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e06c6a9bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
elon-musk-tesla-bitcoin-768x432.png
amenazaytx.site/wp-content/uploads/2022/12/ 		452 KB
453 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/12/elon-musk-tesla-bitcoin-768x432.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bc4ff10b35a5ba443996e0aa309f63af282a2a81a02e35705430ec21892984dd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 13 Dec 2022 22:54:21 GMT
server
LiteSpeed
etag
"711a0-6399029d-cd72d1d58b00058;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
463264
expires
Sat, 28 Jan 2023 17:27:33 GMT
agent.js
cdn.purpleads.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=a2741b6d55c6d59d3ca3b61810b2a8f8:981d8d69d9e8956be89103f0d9818163818996da27ceeea35fd96916e2a07ed56d6b62a3390f00edd9911894e1fec747c911ceb89cf8fda5918f54c61b3e2916
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 12:48:01 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 12:47:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
16773
etag
"0df64eee76617d6b8b842eaf114234f3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20006
x-amz-cf-id
ANC6U2Fx_5SEM2BBXoTUkoBAvE96-2tBDN3rsyxMaSmejHAbJEM9xw==
agent.js
cdn.purpleads.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=e5503a8be5c59196f7d89d8e3f76081b:dbf913c8afa5de89d6a2201b7b0168ff2e03ae5845bd84a2d8ea8b3f3876e67e82e8e6a8f68f61e4e7db1578fae8c6ec86745a077fe9c25c55d11ca810b16fb2
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 12:48:01 GMT
content-encoding
gzip
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 12:47:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
16773
etag
"0df64eee76617d6b8b842eaf114234f3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20006
x-amz-cf-id
M7hLBrgAYa7ZDXTw0u4xsXSMw6YeC9W_1sXet_ZbNm0_YbPk99OgjQ==
cookie-law-info-table.css
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"17e1-63a5becf-70daee6a639c4f19;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1604
expires
Sat, 28 Jan 2023 17:27:33 GMT
navigation.min.js
amenazaytx.site/wp-content/themes/kadence/assets/js/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"543e-63713abc-ea992678d409601;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
5227
expires
Sat, 28 Jan 2023 17:27:33 GMT
dashicons.min.css
amenazaytx.site/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/css/dashicons.min.css
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:30 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 04 Mar 2021 02:46:22 GMT
server
LiteSpeed
etag
"e688-604049fe-7d38d0da2325dc9e;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
35099
expires
Sat, 28 Jan 2023 17:27:30 GMT
font-awesome.min.css
amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		86 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:30 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 09 Jul 2022 01:57:03 GMT
server
LiteSpeed
etag
"159d8-62c8e06f-d25236d0135ca3e9;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
11531
expires
Sat, 28 Jan 2023 17:27:30 GMT
tags
cdn.eswhik.com/npm/ 		1 KB
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/npm/tags
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/theme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2804abe47f80f47f18c36af50e7bf8e520e37eea1b8426110e8f7b2e0cbf4ce6

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 18 Oct 2022 18:01:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wFaRoXrR3QYXeN3HQu5A%2Bxm5XJ8Ns8cTbow%2B5iwf0yY3omraoP4BykpGkq9niAuxlcXq1RhodjTKZ9G%2B86GmFIXtE0huXRdbFb%2FfBVdG%2FqsRa9jEm1nuGqK%2BVY4Rjq0GmTtBM4TI7dov01%2F7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e07c9c9bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1674322053365
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:33 GMT
x-request-id
0df74ecf-9132-44b7-b012-3756e055cc50
init
api.purpleads.io/x/ 		87 B
381 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1674322053365
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
etag
W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
content-length
87
x-request-id
2db1cfc7-0639-48c2-87b0-87be9a709723
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HVPFKTV6LZ&gtm=2oe1i0&_p=390999659&cid=190685867.1674322054&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674322053&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-3.5.1.min.js
cdn.eswhik.com/drive/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 00:26:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
157976
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7ivje0Z31fpkOSfps2YiiRoAD36YscHCF9KBitZjmoSKDTG8JMg0NRRGGZpXEv98b141uogcxdLovWCWCODsfGldWwa8PcEKHIH1U5q1%2B%2Fn%2BYYJxyzYo34q%2F%2F%2Bvf8lRSIB8jT%2BCjXkY0eh%2BSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e279bc9bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 26 Jan 2023 21:34:37 GMT
config
eswhik.github.io/drive/buttons/z1/ 		381 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eswhik.github.io/drive/buttons/z1/config
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
a675db82126493bf9927ab29dba89f77e0e763622eb5f7725af4aa10b204c807
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-fastly-request-id
4bcb1adcc3a5238ea74597ddcb056e81bc09cd6d
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Sat, 21 Jan 2023 17:27:33 GMT
age
0
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
198
x-served-by
cache-hhn-etou8220093-HHN
last-modified
Thu, 24 Nov 2022 16:49:30 GMT
server
GitHub.com
x-github-request-id
C280:305A:1089ABD:170AF74:63CBC029
x-timer
S1674322054.549279,VS0,VE95
etag
W/"637fa09a-17d"
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Sat, 21 Jan 2023 10:46:25 GMT
300x250-cpm.js
cdn.eswhik.com/drive/script/ 		2 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/300x250-cpm.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b82df01256e32a7e0225fcd06012bba6d8ea272a96f3e43a5331a059fc170d4

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157975
cf-polished
origSize=2243
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Apr 2022 02:07:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK3hz2pmT67kadaVsACn63b971wo4osCtHfihJdvIi5Oj3In4sOQepFyJpynfemuzmw7uxICwhg7FuFj%2FSgfbOh%2FOkbS7hYLwFBYd3b13AB0qhfnBQMoEc4pxMneA3FtSUDDDYKCNF8NYtFUdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e279c69bbe-FRA
expires
Thu, 26 Jan 2023 21:34:37 GMT
analytics-eswhik
cdn.eswhik.com/ 		668 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/analytics-eswhik
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e5a87d0b6a722ce2c8f0950e23f6b8205f391eaf52a4c10c8956b1560d3a52

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 20 May 2022 20:46:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjUMTQ29ps%2BtPpXTKKmtCDchjPeVv7qbt0W9DkkT4VH81qjndYfZQDaUklFIfFRKZTUVbpP3Baf%2FeXDjIElpq%2BmaWn9Qkzt4HsfPgeH2qHsrYDaxvnMBShgtv4OkdYvrwRVRZht9gQmG%2FibhhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e279c89bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sites
cdn.eswhik.com/drive/reCAPTCHA/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/reCAPTCHA/sites
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
Sistema-Blogger-2.0
cdn.eswhik.com/drive/reCAPTCHA/ 		556 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f14b612adef254430bdf87ec7405512fe8f5d39de4d789841d1239ef6420492

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 10 May 2022 18:21:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGE4EzydjBv38gFQ03%2Fj6NRI9IKH7lPhZmjAKQSqJ8glOMNcMulHFRkP2OnpAdfCSJSdqHuOUK8bgVLYpoim8wYMX2M%2FGL7%2BFeLmfRML4lTwuRNG9DQVwHCKrwSves724qhEfpIOftjpN8nttQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e279cb9bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api-popunder.js
cdn.eswhik.com/drive/script/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/api-popunder.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820a1fddd5a609082271df120797fde740e6114eef0efe101b9a57d9158e6036

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157975
cf-polished
origSize=4051
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 02 May 2022 21:30:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvYSEF%2F9MBU8nwKZ6n1cu510vMG0pejSg1zgGzOG55D9ultdF4cG1%2Fe8zv%2BL%2BnbYQZjNap7EGiqcGPZyc3i4WV4K%2Bk8EAiKBp7p2wpKvsyIi5KDRRriBr6iTLgKrjlDkvf1UeiB5o%2FPRN%2FNJCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e279cc9bbe-FRA
expires
Thu, 26 Jan 2023 21:34:37 GMT
pregressAdTime
cdn.eswhik.com/drive/tags/ 		306 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/tags/pregressAdTime
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11a1b1adf786512587e757e9b095ffc77770f5a6dbaa66615398bc903fab82e

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 10 May 2022 01:05:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrYA5HGr4R1DVg3R%2Fi%2FWVpdFolCVuU%2B3XB4IZKcivgZUC1gXn1KyQjphhwxobqmfrVvLNe1agXnLv2gwygQ0ol1GbB7a91%2FvAzkpk04rXILusBj%2B11Zueo0L4ebWXvF82FCYM9Us8ifVsrFhlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e279cd9bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Eswhik-CPM-2.0.css
cdn.eswhik.com/drive/css/ 		946 B
742 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/Eswhik-CPM-2.0.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b42f5456d33762968c00d290a9c536564d2cfd693fc15cf81a454d72e06610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157975
cf-polished
origSize=1003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 May 2022 17:35:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LFjtw3CA6hrV4RTYdHHsalUyfR%2FlPb2337NyCoHGhovkh7bPWRX4bNkKpydcVX6bCSGr4UZ08GEvf31Kjjqo9pEgSueMiIkeE8lZDOzihI%2BZspvl7pzfy7cgP9IlKBaZL7cWpPedNOkg6HTBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e279bf9bbe-FRA
expires
Thu, 26 Jan 2023 21:34:37 GMT
api-eswhik-push
cdn.eswhik.com/drive/api/ 		290 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/api/api-eswhik-push
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac34695b72e4e902bba01b5ef320dcd2aa03edf02bfb909a3ca23b9d2607899c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Thu, 02 Jun 2022 22:29:22 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX5Pwg2WGE9CAmV0e76hFV1q1Ke0v9CY44CgZOnE4oQRJJCdqOR3it%2B93dz%2FlogjSgMCWMudalirnU0HMce8Splr2uaJCptm%2FXUQStSYLWJ01O2bQXTHZZPqulUXxM5SWxnMST74lMW1t7Tcvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
78d1c2e279ce9bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
290
copyright-eswhik.js
cdn.eswhik.com/drive/script/ 		218 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/copyright-eswhik.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a531463641125977e3c0db5fb89fde3ecd4b0ac25ea0aceb3c235dd55a5472c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155352
cf-polished
origSize=276
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 03 Jun 2022 22:24:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cLdUIW4cnJfbXhEUiA7krcZwoLhsF%2FjChJS9E%2FhfKsk3L6Nz0uX0dJbynN%2B3jyxqg%2BAkpunjKlz0H%2FsTLDj82vEUfpVsY1H4PqpiGJK%2Fkb7FlcpvnvgtG0B8CJmINbWZtlJrYyZtK9%2F8%2FRKBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e289d29bbe-FRA
expires
Thu, 26 Jan 2023 22:18:21 GMT
api-eswhik-cpm-v2
cdn.eswhik.com/drive/api/ 		299 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e517ad8e188a0988539134143b8bdd42ae4bbeb66c9fa45fb4407489050d0e8

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Fri, 03 Jun 2022 22:29:28 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0Nj8ed2CVE9tswH%2FGKMzt0FfX6WjGPW%2Fe1BkRb9AjLmWhqBiIZYCtfX%2BcAcdOoM%2B2tOzLPdGX13CvdgnFjGGxJDF1LABE9qDaGu9LYd1nyplYBoMIFgX4qaQQeQHavAt7FjRs0VrtGsEjoHjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
78d1c2e289d89bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
299
style-scripts-eswhik-premium.css
cdn.eswhik.com/drive/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/style-scripts-eswhik-premium.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c72dadcee3108bec75726d338589e95b3e4f3800336c966a4f03f62a0ef7a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157975
cf-polished
origSize=4757
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 08 Dec 2022 23:48:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii27zWyzKf8sAXiE4JOzJUW5nEwT34Y6Ue4qUM8etoJ84TdGhhag8Q2KBaMj7rZ6HqZIjOvEqMdVPbZF6VaWeOqQggtAbdm7kzzSXLL52qz%2F0Zst5rB36JAByujpSdfFE1hXmyskN55MmkO9uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e279c19bbe-FRA
expires
Thu, 26 Jan 2023 21:34:37 GMT
load-scripts-eswhik-premium.js
cdn.eswhik.com/drive/script/ 		990 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/load-scripts-eswhik-premium.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3c4bd109137190d4a6cdb66954772cf7d0072d3e202fa6ce7ca40a2f70a65e

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155985
cf-polished
origSize=1160
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 30 Aug 2022 22:24:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvsVnj2fbN0dNSxxWA8%2FPieiOcmMi54KBUBDahSdyHgdYO%2B4PwO0v81%2BMDtZM7YCCQwkF4DrFSZzkOOlUOWxrXT10DYyQSNN6SZUPumjzHDI9Uu2R7ieeuF2tXCsp5yji2HG0kylOJMXZ6OgVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e289d99bbe-FRA
expires
Thu, 26 Jan 2023 22:07:48 GMT
/
api.purpleads.io/x/b/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=3cdaca6159a142d1bdbe40498076535e&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=74b6a5e1-3cc0-4279-b002-038e6700372b&ts=1674322053570
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
b3b21d3c56aeef3518b68c85bd9781959252945de5eaf59a513a6075ec14448c

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
pa-user-id
4ccb2596-8256-4e7e-bac9-f1b843b2f6f5
etag
W/"e0b-l7WsWre/1kJJvs8xSfN49PU4DJk"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
d387f4c9-f9c9-408c-b154-49980a4b6de5
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=3cdaca6159a142d1bdbe40498076535e&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=74b6a5e1-3cc0-4279-b002-038e6700372b&ts=1674322053570
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:33 GMT
x-request-id
1ea98709-ccec-4c24-a1ec-1cd96615f3da
style.css
eswhik.github.io/drive/buttons/z1/ 		6 KB
1000 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eswhik.github.io/drive/buttons/z1/style.css
Requested by
Host: eswhik.github.io
URL: https://eswhik.github.io/drive/buttons/z1/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
bd910a0e75b960acc6dd11ac4d5064f949e2597fdee997ee19b0fd7f55176e56
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-fastly-request-id
5efccd1b350f74f01ffa7c673d4b61559f0b04d5
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Sat, 21 Jan 2023 17:27:33 GMT
age
0
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
816
x-served-by
cache-hhn-etou8220093-HHN
last-modified
Thu, 24 Nov 2022 16:49:30 GMT
server
GitHub.com
x-github-request-id
7A26:2B30:9A4676:C81C59:63C98729
x-timer
S1674322054.687994,VS0,VE99
etag
W/"637fa09a-1618"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Thu, 19 Jan 2023 18:18:41 GMT
ionicons.esm.js
unpkg.com/ionicons@5.5.2/dist/ionicons/ 		399 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
Requested by
Host: eswhik.github.io
URL: https://eswhik.github.io/drive/buttons/z1/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://amenazaytx.site/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
28257025
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FX0HY31EYH6AT0W2TD3SC57Y-fra
server
cloudflare
etag
W/"18f-B+zGUTbQ1uVsG8y1uf+53Qdwne0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78d1c2e3d83b9128-FRA
error
eswhik.github.io/drive/buttons/z1/ 		23 B
205 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eswhik.github.io/drive/buttons/z1/error
Requested by
Host: eswhik.github.io
URL: https://eswhik.github.io/drive/buttons/z1/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7520d7376659fb82408fb03f940ca06a2ae4ba9723394ace502a90d0c06a9da7
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-fastly-request-id
100336c431bcbb6dd346060f7aff16f4d00a9105
strict-transport-security
max-age=31556952
date
Sat, 21 Jan 2023 17:27:33 GMT
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
HIT
content-length
23
x-served-by
cache-hhn-etou8220093-HHN
last-modified
Thu, 24 Nov 2022 16:49:30 GMT
server
GitHub.com
x-github-request-id
BC2A:92CE:3D32F6:50B801:63C9C1AF
x-timer
S1674322054.689191,VS0,VE90
etag
"637fa09a-17"
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Thu, 19 Jan 2023 22:25:15 GMT
p-e26ac56f.js
unpkg.com/ionicons@5.5.2/dist/ionicons/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-e26ac56f.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
31224755
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FT83NVP6WJMWN2JWNSGRRXR1
server
cloudflare
etag
W/"1d56-gDHdPSZYuc2h8Mf9Yj/8nfSlS9o"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78d1c2e469559128-FRA
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/analytics-eswhik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b626f538b29b45c89cb8ea1771518cc770d7f6a7f70ce03a1f82ddc737799493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77701
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Jan 2023 17:27:33 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8cb657cb1b7274970d3ccaff6cda82b20c95f1a3357e4fe941ccd90bb3e92ab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77652
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Jan 2023 17:27:33 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/analytics-eswhik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e08ae450b1c82b16bb7d6881208f351630e80eb96dc16ba085470178b8ddc6ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78731
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Jan 2023 17:27:33 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b94d71810c0fdafa6b0fe136789371d9275ac46703510d6802db6f7e32106e1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77845
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Jan 2023 17:27:33 GMT
api.js
www.google.com/recaptcha/ 		909 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a696b72625c76c1c238f9a1f4a84549ab2af6a805ae2dd7c1cac6c429454f1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579
x-xss-protection
1; mode=block
expires
Sat, 21 Jan 2023 17:27:33 GMT
pregressAdTime.css
cdn.eswhik.com/drive/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/pregressAdTime.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb28d5000b17859dbee113b7ac6558134eaf9ab5bba8b41d48c1610e8804b596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
211106
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 May 2022 00:45:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eleuJSBiU0eyOL9yClY9FO3II6qNbnYycHLaFzth9DdAY%2B0MaTtT2ThbucUavB6jbgP8lQKDpY%2BICo33nkVAbfXD5NfbdJm6wBanEEcgWNENhmcMP1%2Bb6OEVBTX7v02DuZ0KuN7rGGDnNsbbfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e4cf019bbe-FRA
expires
Thu, 26 Jan 2023 06:49:07 GMT
progressAd.js
cdn.eswhik.com/drive/script/ 		1 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/progressAd.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e9a2e4876f61521aed687586e4840c65bf58d912a4a381440acf47577ea62c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155349
cf-polished
origSize=1645
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 09 May 2022 23:29:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BjlPbAba7Fo%2BkWIt9gweEtyCIycWmyOq6EsC8fSDtp%2FkDRFcaGFqQbtUXHaefLI8ZLFIqEu1KmEjB%2BbA7SwgyTk69SguiMmdD8yycaltEqmGopRezwelUyQTeqpNaxPRrZq1gOwNRt7yCP%2FlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e4cf0a9bbe-FRA
expires
Thu, 26 Jan 2023 22:18:24 GMT
ConfigProgressAd.js
cdn.eswhik.com/drive/script/ 		411 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/ConfigProgressAd.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1928021ac2964da4cb99e2cb77e08d93d00cfe849c65fbce3587231837b6c29

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155349
cf-polished
origSize=533
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 May 2022 01:04:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqGQCx1E3tn2qT%2FSsQ2CXSHG2aiVUGW5ngAtoZ3ISqCP%2FWd2ybw1yMG1k7K3qPA%2ForgxLhOdWfkv%2BjSUptnLcINb0JHPpaipe5THBFkpP%2BFzentlIzTMhIHwczMbytaGO39YPXeVbk4%2Fq89Dag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e4cf0c9bbe-FRA
expires
Thu, 26 Jan 2023 22:18:24 GMT
eswhik-push
cdn.eswhik.com/drive/tags/ 		174 B
448 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/tags/eswhik-push
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/api/api-eswhik-push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0afa89cb6e2f3db520516d605e1bfcc52b0818c0bacc2ccdbc36a99c1e2b40e3

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Jun 2022 22:28:26 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSrnoDvaTo1iNUDLCslIkuYu894EJnpMxuXOQGcPWjJ3lksPBcbXy87VOxeUXM2Tz1LeSKu%2B86aZF0ntvjekkm3ny%2BjBhdXwlu3UJmJkjAab51UTfmDkSV4r%2F%2BoYyT4XQJ8UcFdbqSDMi9v1Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e50fa69bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ 		404 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 11:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21862
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165715
x-xss-protection
0
last-modified
Mon, 16 Jan 2023 01:02:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 11:23:12 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG2SR4CZDE&gtm=2oe1i0&_p=390999659&cid=190685867.1674322054&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674322054&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2ZXVHQW49E&gtm=2oe1i0&_p=390999659&cid=190685867.1674322054&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674322054&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eswhik-push.css
cdn.eswhik.com/drive/css/ 		1 KB
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/eswhik-push.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/eswhik-push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9337d4581e7a2b92236a8b8de8d8170c3fdd70c02533afe58c9a1295b69031d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155349
cf-polished
origSize=1506
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Jun 2022 22:21:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vq2HCzYEXEQrCVxeNHxAE1xxJnm8tHvbDRfXJTf6DpCU5JiGObas5G2C9dHfzH4zJ8InC1nB8ksjUToQDynVKDbAWb%2BHEjFESEio4riUPByNj974jnRirc%2FZvc72nT8Kdregrx%2Fffz1smXgeEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e63a689bbe-FRA
expires
Thu, 26 Jan 2023 22:18:25 GMT
eswhik-push.js
cdn.eswhik.com/drive/script/ 		220 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/eswhik-push.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/eswhik-push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad5d6395683df0773cfe7fa4d5a43d0f80399e6000469783a2dcae9522902986

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155349
cf-polished
origSize=290
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 03 Jun 2022 01:15:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85vGbonhtXSGqtRVO2fqvPR3T1hniyCedbPSiKeY6lOr%2Fqj9gQLkeEnifiGezJVlsCvbazN3OJmESauDQGFXjSkeAZlbSCeCaqdNs8%2F3NTpNaKIvUtqgRIDqc4kf1LAmZAVjM%2BT2BMDGSdkxog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e63a739bbe-FRA
expires
Thu, 26 Jan 2023 22:18:25 GMT
cpm-script-v2-eswhik
cdn.eswhik.com/drive/tags/ 		108 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4d3d0e7fd1a21de4e275fd70b4ad1c4534abb87f800475966bfd3bff0d56e1

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 03 Jun 2022 23:04:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HDkF3x6zaactpsOFBH%2BFwY4o30gjLS0H3W3ke7g63NNieBAtxtrDc%2FtvFgcHE0jma1ZFg00lp08%2Bg0Z8S4obTHTOupW57j8smwoDCNg700Y95mEFiQZqk%2Bb5TxgIe%2Fbra45nT15E7Iek9DsIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e66ac89bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cpm-script-v2-eswhik.css
cdn.eswhik.com/drive/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/cpm-script-v2-eswhik.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be53e65e477f21d0e1df301be1077c090084ff561f2023eff0600841a4433c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132726
cf-polished
origSize=1303
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 03 Jun 2022 22:21:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1p8YLtToW8ExnlrVXXT7aS%2FFdb2uJ2Y4JU7MpTHzU%2BZxUMZ9aDuOsz28O8pBJBOShLzqhUxwiz5ntUmqe5M3Vie12Yp2VsKeA4a9C9xhVpf6K5ZS9gNk%2Fa9FlfAxTz3vXbborqLctdaZaOEFYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78d1c2e7793e9b37-FRA
expires
Fri, 27 Jan 2023 04:35:28 GMT
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame 800B 		371 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CJbdsJ4GEoUBCiQ0NjkzNzg5Zi00M2QzLTQ2YjctOTE2Ni04NzMyMGNmOTQ5MGQQgMGmkNnD+wIaBgiGwbCeBiIKODEuOTUuNS4zNSjstwMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDI2YjZhYzg0LTA5NTItNDQxYS05NTI1LTI0YmU4MzBiNWYzYhjHwAciGAgCEhRjZHMyMjMuZnI4Lmh3Y2RuLm5ldA==.PxzeNytHb3PYv3cHWZbfqs9B4OssBfPlmRb9ffgGN1o=
x-amz-request-id
tx000000000000219c93b6d-0063aaeea7-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674322054.dop245.fr8.t,1674322054.cds203.fr8.hn,1674322054.cds223.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
Dark-Eswhik.png
eswhik.github.io/ad_pub_002/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eswhik.github.io/ad_pub_002/Dark-Eswhik.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
2cd28b80d9e535057a264ac2c787339c3a6e114da736881003dfd5e98ad3de47
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-fastly-request-id
83989b876bf9f1383e03547c203dea41c3686fa8
strict-transport-security
max-age=31556952
date
Sat, 21 Jan 2023 17:27:34 GMT
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
23279
x-served-by
cache-hhn-etou8220093-HHN
last-modified
Fri, 25 Mar 2022 00:52:21 GMT
server
GitHub.com
x-github-request-id
1036:4B9F:ABF172:E85311:63CC1A7D
x-timer
S1674322054.377577,VS0,VE100
etag
"623d1245-5aef"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Sat, 21 Jan 2023 17:11:49 GMT
pubads_impl_2023011701.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1187aaf2d088463fbbbaa64b5f8c3f981297c56c8ce9058084542ae4a3dc62c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 21:27:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133140
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 09:35:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 Jan 2024 21:27:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		273 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=amenazaytx.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36c0e61e59f0da1ef6f6d37f2e5e114bed1e19a12ab9506ef90db93a06277235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
expires
Sat, 21 Jan 2023 17:27:34 GMT
ads-server.js
cdn.sendwebpush.com/adsendwebpush/server_services/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendwebpush.com/adsendwebpush/server_services/ads-server.js
Requested by
Host: cdn.sendwebpush.com
URL: https://cdn.sendwebpush.com/adsendwebpush/client_services/603d92f98981a_2103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7195d5522c8828139ebb1194841d31af4adfacde3686412dc8980fe2e229387

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 03:15:20 GMT
server
cloudflare
x-amz-request-id
WKCDYKJZXNYAP6P0
age
47515
etag
W/"a65532bd0eaa2e5387a6e8661bba0818"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
78d1c2e7f9489b61-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
IURZNEUD3csMlXTXtRL0tYFp8HvLbV8hypMXvvYNx0xsj6nKlt193b0WEtfBgccX7ZvXvGJUGGU=
blog3-e1670098934482-768x432.png
amenazaytx.site/wp-content/uploads/2022/12/ 		328 KB
328 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/12/blog3-e1670098934482-768x432.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1ed6438bfe41ea5183dba8da3c961dfa38e3090c39d6694fc5dd974f57ca56cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 03 Dec 2022 20:22:18 GMT
server
LiteSpeed
etag
"51e51-638baffa-48b4c670b0f41988;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
335441
expires
Sat, 28 Jan 2023 17:27:34 GMT
como-administrar-el-dinero-768x512.jpg
amenazaytx.site/wp-content/uploads/2022/12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/12/como-administrar-el-dinero-768x512.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d190fcd22bee0b1952bd5d85ab6db8eff58d036a0208f762a4545057894ac559
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 03 Dec 2022 20:10:07 GMT
server
LiteSpeed
etag
"11ac1-638bad1f-38db3aad284830bb;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
72385
expires
Sat, 28 Jan 2023 17:27:34 GMT
1-7-768x432.jpg
amenazaytx.site/wp-content/uploads/2022/11/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/11/1-7-768x432.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e4f011e9a762c0349e2f4aa73435601afa2f5b7c86634b1d13052dee04e9897d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 16 Nov 2022 16:46:36 GMT
server
LiteSpeed
etag
"130df-637513ec-9e8536cd8492583a;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
78047
expires
Sat, 28 Jan 2023 17:27:34 GMT
whatsapp-plus-768x413.jpg
amenazaytx.site/wp-content/uploads/2022/11/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/11/whatsapp-plus-768x413.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
34dd97dc4df4b7473a8c722f5ee839300e53b5a2aefb2a051f6066bb93834e68
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 07 Nov 2022 14:55:35 GMT
server
LiteSpeed
etag
"59d9-63691c67-a5bfeb7144825637;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
23001
expires
Sat, 28 Jan 2023 17:27:34 GMT
CG_como-funciona-o-seguro-de-vida-ij_235111542.jpg
amenazaytx.site/wp-content/uploads/2022/10/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/10/CG_como-funciona-o-seguro-de-vida-ij_235111542.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
708a6d945667538389adeb9c23a11b00454203b2fd404b12895dd1d299a8be17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Oct 2022 22:19:04 GMT
server
LiteSpeed
etag
"9223-6345ebd8-6f9f73b26479a90;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
37411
expires
Sat, 28 Jan 2023 17:27:34 GMT
Como-aproveitar-a-variacao-do-dolar-para-investir-1-1536x864-1-768x432.png
amenazaytx.site/wp-content/uploads/2022/09/ 		472 KB
472 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/09/Como-aproveitar-a-variacao-do-dolar-para-investir-1-1536x864-1-768x432.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8ac459d121d8925bf01df7171ad77cf4d71374605c8eea575b68b2adfc005921
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 21 Sep 2022 22:05:05 GMT
server
LiteSpeed
etag
"75ec7-632b8a91-82bca3d32bb74308;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
483015
expires
Sat, 28 Jan 2023 17:27:34 GMT
tutorial-config-dvr-dahua-768x383.jpg
amenazaytx.site/wp-content/uploads/2022/05/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/05/tutorial-config-dvr-dahua-768x383.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
db355226168af7d46d5cef627cd58bac67c728ab4d22e1c6b4a47af69f8b951e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 12 May 2022 00:47:12 GMT
server
LiteSpeed
etag
"7ca4-627c5910-ae1ea68edab82e21;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
31908
expires
Sat, 28 Jan 2023 17:27:34 GMT
transferencia-web_10611-1-768x512.jpg
amenazaytx.site/wp-content/uploads/2022/05/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/05/transferencia-web_10611-1-768x512.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7fde7ce58c8978f3beb20f0406165d41a9700189b99b314c9d10220237ecb484
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 12 May 2022 00:46:27 GMT
server
LiteSpeed
etag
"4147-627c58e3-e98c88fdef01f63;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
16711
expires
Sat, 28 Jan 2023 17:27:34 GMT
maxresdefault-13-768x432.jpg
amenazaytx.site/wp-content/uploads/2022/05/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/05/maxresdefault-13-768x432.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7816252ae6607ec390b3c7c0a7223949d21681bd07452c96997ddb4979b56973
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 12 May 2022 00:45:40 GMT
server
LiteSpeed
etag
"dfde-627c58b4-11c1504791f81904;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
57310
expires
Sat, 28 Jan 2023 17:27:34 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.sendwebpush.com
URL: https://cdn.sendwebpush.com/adsendwebpush/server_services/ads-server.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Jan 2023 16:21:47 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3947
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Sat, 21 Jan 2023 18:21:47 GMT
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=3cdaca6159a142d1bdbe40498076535e&sizes=[[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=a6b28713-ece0-46e7-95b6-1e2c63d255b5&ts=1674322054578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:34 GMT
x-request-id
06e346c4-4a31-4fb1-bc2f-6bb55c86fd0f
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=3cdaca6159a142d1bdbe40498076535e&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7c27eb7e-aa62-4b64-ad9d-dabe753e347a&ts=1674322054579
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:34 GMT
x-request-id
00191e02-5154-4d0a-8591-1ca3d711818d
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=3cdaca6159a142d1bdbe40498076535e&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=583d86e1-6800-4028-94a3-633c7a611208&ts=1674322054579
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:34 GMT
x-request-id
8a71a343-aa45-4c37-bbe4-261881562685
/
api.purpleads.io/x/b/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=3cdaca6159a142d1bdbe40498076535e&sizes=[[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=a6b28713-ece0-46e7-95b6-1e2c63d255b5&ts=1674322054578
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
6a1d76d425f41c99d8cff3d7889f0bf86bc1cde398c9e0669f1b396022963d66

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a2741b6d55c6d59d3ca3b61810b2a8f8:981d8d69d9e8956be89103f0d9818163818996da27ceeea35fd96916e2a07ed56d6b62a3390f00edd9911894e1fec747c911ceb89cf8fda5918f54c61b3e2916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
pa-user-id
cb46a70e-aa74-4937-907e-4e482f3f2788
etag
W/"9a1-VOBfJkY6knaYwPRHNXE7LZdlubA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
fcac88f4-05ab-4978-8b11-40a66f976d66
/
api.purpleads.io/x/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=3cdaca6159a142d1bdbe40498076535e&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7c27eb7e-aa62-4b64-ad9d-dabe753e347a&ts=1674322054579
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
896290559ddc780fd56f1eb8c1e8c34c4dda9c7b32a7915d875484491acaac09

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
pa-user-id
e5bb5464-6054-4615-bc6a-d7efac26a26e
etag
W/"db1-5xrGA1zGLjuhmVyHJQOg4w5qRnI"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
02e9644e-4301-4af8-91fc-06eb91d65afd
/
api.purpleads.io/x/b/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=3cdaca6159a142d1bdbe40498076535e&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=583d86e1-6800-4028-94a3-633c7a611208&ts=1674322054579
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
29daa0d83abf3a2af7c3d706c94b9ea7f15b519cb7cb949c2375654f34398c41

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer e5503a8be5c59196f7d89d8e3f76081b:dbf913c8afa5de89d6a2201b7b0168ff2e03ae5845bd84a2d8ea8b3f3876e67e82e8e6a8f68f61e4e7db1578fae8c6ec86745a077fe9c25c55d11ca810b16fb2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
pa-user-id
e40cd9f1-7679-41e0-bca5-13a92e91ea01
etag
W/"e0b-dSIPOT6tc9L2KwtV/MtvFXG5nEM"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
df7b0712-f5f6-46e2-be42-b841cda1bca2
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=amenazaytx.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=amenazaytx.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3706114325189126&correlator=618828711354839&eid=31071678%2C31071687&output=ldjh&gdfp_req=1&vrg=2023011701&ptt=17&impl=fifs&iu_parts=21902364955%3A22623907295%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_top%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=2027485967&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1674322054686&lmt=1674322054&dlt=1674322047017&idt=7482&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Famenazaytx.site%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=190685867.1674322054&ga_sid=1674322055&ga_hid=390999659&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240b7c14205d1c51fe63edc40a4da6598071bdb67a0823dcebbc711214d61aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12941
x-xss-protection
0
google-lineitem-id
6133906979
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407859876
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3706114325189126&correlator=618828711354839&eid=31071678%2C31071687&output=ldjh&gdfp_req=1&vrg=2023011701&ptt=17&impl=fifs&iu_parts=21902364955%3A22623907295%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_top%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_300x60&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x60&ifi=2&adks=841822932&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1674322054690&lmt=1674322054&dlt=1674322047017&idt=7482&adxs=15&adys=86&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Famenazaytx.site%2F&frm=20&vis=1&psz=300x250&msz=300x60&fws=0&ohw=0&ga_vid=190685867.1674322054&ga_sid=1674322055&ga_hid=390999659&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5e16a83fea1112a157b0757cc50c18680d557bd4e8ab41cecbc8fb2f1b90fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12698
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3706114325189126&correlator=618828711354839&eid=31071678%2C31071687&output=ldjh&gdfp_req=1&vrg=2023011701&ptt=17&impl=fifs&iu_parts=21902364955%3A22623907295%2Ccm_as_amenazayt.site_content_type_general_social_top%2Ccm_as_amenazayt.site_content_type_general_social_btf_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=3&adks=1107868161&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1674322054694&lmt=1674322054&dlt=1674322047017&idt=7482&adxs=1083&adys=771&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Famenazaytx.site%2F&frm=20&vis=1&psz=337x600&msz=337x600&fws=4&ohw=1600&ga_vid=190685867.1674322054&ga_sid=1674322055&ga_hid=390999659&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4a617bf578d0a7c2d14d37998a1ef73299daeec9efd06156cd9325f799b968c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13102
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
818cc620f3ccaa74b8513e7bc705452d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D9CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://818cc620f3ccaa74b8513e7bc705452d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 17:27:34 GMT
expires
Sun, 21 Jan 2024 17:27:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2023011701.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023011701.js?cb=31071687
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d099a3bd04498846916c854ee78d6310c58ba46f4b63751acab6b8fc8ef0b8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 04:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13722
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 09:35:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Jan 2024 04:53:53 GMT
localstore.js
script.4dex.io/ Frame 800B 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:34 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
433426
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BD4OhufRq2CnFDVbqbVRq587soCqZgIrct8Sz%2Byl9YGIR1HGj9HosWRPGlJbmngZwRDkiQt%2BFZViPp%2BNvwSMv5%2BZfsDPawfEYh0ql5Aw1mAUTcmTFiXzdmmXZ%2BEQaBFHFUu%2BeHqOhynkG%2F9x"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78d1c2eb9ad3923b-FRA
prebid
ib.adnxs.com/ut/v3/ Frame 800B 		138 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
692d3a1345b82c8bde925f3f5c135da778fa34740340aa6deb218d4f9ce414a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:35 GMT
AN-X-Request-Uuid
0cdcf404-2406-4516-a948-5a0260e10209
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 800B 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=18935232846&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 800B 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:34 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ Frame 800B 		114 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1da32e6a401aef72a58be2d0a1fb4ef2d3e2b964bd9742cd2c99c60e8ad1d764

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sat, 21 Jan 2023 17:27:35 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78d1c2ec0b0d2c6f-FRA
expires
0
adreq
ads.servenobid.com/ Frame 800B 		730 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3629
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ee5e92ed3a0de89dee381b5e632589f00cda7391453cb06c5410d67350440b1c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ Frame 800B 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ Frame 800B 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:33 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ Frame 800B 		1 KB
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5b0d4162d50ef77229019246f3635d3d7a7866a051e07e28ac75e30c239c0730

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sat, 21 Jan 2023 17:27:34 GMT
auction
tlx.3lift.com/header/ Frame 800B 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.30.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-30-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
93e5feb3023242ae85c1a3c7c47d48b4e047ae150b7612db2c1669ab0ec702b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2635
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame 6EB1 		371 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CJbdsJ4GEoUBCiQ3Yjk3NGY5ZS04NGRiLTQwZWUtOTE0Zi0zMzVmNmE1Mzk5MTAQgMGmkNnD+wIaBgiGwbCeBiIKODEuOTUuNS4zNSjstwMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDNmMDY4MzczLTYyOTUtNDZiMS04ZDgwLWQ1NDNkZWJlZTRjZRjHwAciGAgCEhRjZHMyMjMuZnI4Lmh3Y2RuLm5ldA==.BEphFp+qYbYpLflvUSXmKe7Vpv78anlV2wYeAKTQ6Ko=
x-amz-request-id
tx000000000000219c93b6d-0063aaeea7-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674322054.dop245.fr8.t,1674322054.cds203.fr8.hn,1674322054.cds223.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame FCEE 		371 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CJbdsJ4GEoUBCiQ4OTc3NGZkZC00NjNlLTRmZDEtYjQyMC1lMTE5YzYzZGMyZjAQgMGmkNnD+wIaBgiGwbCeBiIKODEuOTUuNS4zNSjstwMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDdmOTE3NWNhLTI1YmUtNGNjZC04NTIwLTFhODg5YjEwMjg2MhjHwAciGAgCEhRjZHMyMjMuZnI4Lmh3Y2RuLm5ldA==.uUt4pxpdjHpA/OSY71XX9sHeOfsHcMy9yXuRIve2ZBc=
x-amz-request-id
tx000000000000219c93b6d-0063aaeea7-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674322054.dop245.fr8.t,1674322054.cds203.fr8.hn,1674322054.cds223.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
localstore.js
script.4dex.io/ Frame 6EB1 		483 B
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:34 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2422582
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDGpjrlSytkETTKrufeRJBebQywQBdht4w%2BGeTFpxZto%2FJJl8pzDolN%2BmjblxlS4QF4eFy5rwso9%2BXqMXMjunLUpLsk%2FcYUwtmlKJnTkxUkVoG9fMDb50yg718OHCurdaifcaC1PUB6L0mps"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78d1c2eb98c89966-FRA
css2
fonts.googleapis.com/ Frame 0E84 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Jan 2023 16:07:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Jan 2023 17:27:35 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame 0E84 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 18:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
81517
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8191
x-xss-protection
0
server
cafe
etag
7335088802737092762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 18:48:58 GMT
prebid
prebid.media.net/rtb/ Frame 6EB1 		1 KB
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a08b8f18f9cb1046be5b9546bb0bc3fc718acdf0b4cfb0c244d57c12cc4e916b

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sat, 21 Jan 2023 17:27:35 GMT
adreq
ads.servenobid.com/ Frame 6EB1 		730 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8673
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ee5e92ed3a0de89dee381b5e632589f00cda7391453cb06c5410d67350440b1c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 6EB1 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=59655832863&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ Frame 6EB1 		138 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4f0fe033244ded5c7dd431299f5965646bd0e1d111336a0a165967d7f2724405
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:35 GMT
AN-X-Request-Uuid
65243cc4-507e-48a6-abf0-964602d15d7f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ Frame 6EB1 		114 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b54ad58fc8cb4dfbd1aeb1f74296e82573a7db1c570dd5255c2e6878d28f519

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sat, 21 Jan 2023 17:27:35 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78d1c2ec0b102c6f-FRA
expires
0
auction
tlx.3lift.com/header/ Frame 6EB1 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.30.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-30-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3ac890a163802ac2d431d96a0953a1bbcc52fe10a5fcb59ccd4fc4b5b470782d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2270
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6EB1 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ Frame 6EB1 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
23
server
envoy
vary
origin, Accept-Encoding
prebid-request
onetag-sys.com/ Frame 6EB1 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adagio.js
script.4dex.io/ Frame 800B 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
116780
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYIWgjtV1L%2BfPYNpEP9xxbtYt4YaHXVucRuXwLSr20ETeA25DhhmPCGIIt8pz4UC%2FcfNQG9YmhuaphQ2B5E9Nhj6qfwDPx8ntfH9Es2DiA02zPRetO39kDgafUqC40kNsUJ6ZAxgR0PgLMMb"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78d1c2ec1efc9013-FRA
adagio.js
script.4dex.io/ Frame 6EB1 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
116780
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiH4S8T7MhXeNkR1fzil29TnAl5mOSq3%2Bf7F4XB%2BhV1XjESgM2V%2FgaSnTAqSbSjl5ULG1X8WT5mrilJ8fXxDR%2F61l%2BUietHvTdAX%2BTAIDSdoP1cHNXVOiVdwssCJ1IhiA3hRgrxLad6gFvYu"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78d1c2ec7fdc9013-FRA
localstore.js
script.4dex.io/ Frame FCEE 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2422583
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BadlcQjCdy%2F%2FFjbG%2Busja5G7KuLzdWB71w8Fqe2gEfAI9saR4D%2BT8BFB2J8zRcvn4l0i%2FzuK6wk8pclLDPWoYzRKyEbw1K8%2BpIRvmrVBpG4WwXXQGB62XSKpZxG3yzqhnMr8KuQkkZsRJYSs"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78d1c2ec09919966-FRA
adreq
ads.servenobid.com/ Frame FCEE 		730 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10894
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ee5e92ed3a0de89dee381b5e632589f00cda7391453cb06c5410d67350440b1c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame FCEE 		137 B
938 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e70a689c7bf85ff2946b25e621149b9df4c2f72c88afabf946c82d3b46ed0eb2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:35 GMT
AN-X-Request-Uuid
26ad9ed9-6676-42c3-a7a2-d2a9766fad2b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ Frame FCEE 		1 KB
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
626d41d119ae024a150a3f7e4ea85727e04a711cd131b54264f1c44578cfcfd2

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sat, 21 Jan 2023 17:27:35 GMT
prebid-request
onetag-sys.com/ Frame FCEE 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ Frame FCEE 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
22
server
envoy
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ Frame FCEE 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=28263062594&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Jan 2023 17:27:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ Frame FCEE 		19 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.30.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-30-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:35 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
mp.4dex.io/ Frame FCEE 		114 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f64ac193b8bdfb3e002b22df2b7ea816cba2f2e116202ecf01f8234f75abe7b

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sat, 21 Jan 2023 17:27:35 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78d1c2ec3b8d2c6f-FRA
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame FCEE 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301041800000/ Frame 9652 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
343222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61740
x-xss-protection
0
server
sffe
etag
"8e9029bac2b10828"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 9652 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
343222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5230
x-xss-protection
0
server
sffe
etag
"98e8559bf0300638"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 9652 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
343222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28829
x-xss-protection
0
server
sffe
etag
"80143a542ab189b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 9652 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
343222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"c26873ae23a2dfcc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 9652 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
343222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
server
sffe
etag
"a53f7d5e2894160e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
css
fonts.googleapis.com/ Frame 9652 		6 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Jan 2023 16:06:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Jan 2023 17:27:35 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9652 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 10:51:53 GMT
x-content-type-options
nosniff
server
cafe
age
23742
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Sun, 22 Jan 2023 10:51:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9652 		295 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:50 GMT
x-content-type-options
nosniff
server
cafe
age
34065
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 22 Jan 2023 07:59:50 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9652 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cbb5-hiDMY9eBNYzq3gOi6LmIB6_ohstu74eOoqcNmJL4h7MCEAEg8tO5e2CVuomCmAegAY3s5NkCyAEJqQKCoV-5vROpPuACAKgDAcgDCqoE7gFP0CqL05HwJljwoW9zZP7U1MoGEHwGv3At1nnG7-eMHy7lvk5Wx_EN2oLaehf4KVIhBDqXLc-SHM4Y5ZLWgt5Mwa0jAZSU0xED2LW-4aY3zNLnuwA1jB-b8mftOvoPP7ieNyAYI_vrpQQh2ZLyYcUmxE8TBwGWvf0J_t4tV3Np6tJQwIsl_alRR9ZPUvJrzSXL5x9DH1m4IFr5KdC3p0ha0B5TNE69n4ILvSAYr9knCcIpZ9KbvB12Vje3GsPH4TFABcurxSs4w-BUoMJeLYP8pmSZZBFzAi7CUU1gygvkIDd0ILEYT394HoMolWAawATpg4j-vgPgBAGSBQQIBBgBkgUECAUYBKAGLoAH25ObpgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCzpw7SCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbgT5APYEwyIFA7QFQGAFwGyFx4KHAgAEhRwdWItNTQxMzMyOTU0NDA0MDk0NxjBjHQ&sigh=ujOngV5l-os&uach_m=[UACH]&cid=CAQSTADq26N91GDiWaakQbf1I3zUBf2BUzt5qF6ZD-DpHQwf0pW2l08DfAeJx0AS1Ojgk5TPK6IZRU8uP84th5X6f4Rrh7KPKw2l9TAmbn8YASAT&template_id=484
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
2076313506083323656
tpc.googlesyndication.com/simgad/6755164337674422732/ Frame 9652 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6755164337674422732/2076313506083323656
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
551e67e644fdfc2b79e4fb37c470badab17fcd3cb54ca781bc109e359cab87d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:16:18 GMT
x-content-type-options
nosniff
age
123077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30236
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 10:06:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 07:16:18 GMT
10877801428445852470
tpc.googlesyndication.com/simgad/ Frame 9652 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10877801428445852470?w=100&h=100
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11efe705d4a9171616d487f55fc477e3ba6c5a1e67100f8eb379cfb80507d54b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:57:07 GMT
x-content-type-options
nosniff
age
189028
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1952
x-xss-protection
0
last-modified
Sun, 24 Jul 2022 17:06:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 Jan 2024 12:57:07 GMT
truncated
/ Frame 9652 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9652 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
591346fa989da7e8a68192d91d08a0f676997ece579d3f3621b9942a7f470d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
22554.js
ads.rubiconproject.com/ad/ Frame 07FA 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22554.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=5723
access-control-allow-credentials
true
content-length
8916
expires
Sat, 21 Jan 2023 19:02:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07FA 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 17:27:35 GMT
ttj
ib.3lift.com/ Frame F6D1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=Purpleads_RON_Banner_HDX_Prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-20.prg50.r.cloudfront.net
Software
/
Resource Hash
85a6cc332356088f9a976902c990983024fa33915d0698c64c2b7ce6c8f2f54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:16:12 GMT
content-encoding
gzip
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
690
etag
"070d53fda59aaaf14bb068bf0ff670e4a5a3f1e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
content-length
2176
x-amz-cf-id
HKsWwdzqxlJcwilkU84fbC4HlUdqztrVE6bXyagDkbgWxl7W2neZtw==
winner
api.purpleads.io/x/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1674322055310
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
7b810375-b867-474a-b0d9-5c3038075166
i
api.purpleads.io/x/a/80692802b09da57e1a9387244633c31d:5c298df0ff4e3d74467d7df158384462e16df61117040ecc3f8f8f3c93f34cc0a33b7d843d982657b65af3f797861d5813c703583cd799455d17c54b454e5bc9a818a795ffc3de4... 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/80692802b09da57e1a9387244633c31d:5c298df0ff4e3d74467d7df158384462e16df61117040ecc3f8f8f3c93f34cc0a33b7d843d982657b65af3f797861d5813c703583cd799455d17c54b454e5bc9a818a795ffc3de46699f3207815baf5212dd5575800feddf004e042352ced29b96d4fe51a05dd7b763621cf34522d4815d2a4cf4603559a85e8191ff93fb770686ba822c58570c8bdb58bab79b984a5f/i?id=d387f4c9-f9c9-408c-b154-49980a4b6de5&ts=1674322055310
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
7a426b2e-435e-46ce-86dc-0837c688f5d8
winner
api.purpleads.io/x/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1674322055310
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
POST
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
x-request-id
07eda441-f2fd-4324-8435-00fd59773bcd
i
api.purpleads.io/x/a/80692802b09da57e1a9387244633c31d:5c298df0ff4e3d74467d7df158384462e16df61117040ecc3f8f8f3c93f34cc0a33b7d843d982657b65af3f797861d5813c703583cd799455d17c54b454e5bc9a818a795ffc3de4... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/80692802b09da57e1a9387244633c31d:5c298df0ff4e3d74467d7df158384462e16df61117040ecc3f8f8f3c93f34cc0a33b7d843d982657b65af3f797861d5813c703583cd799455d17c54b454e5bc9a818a795ffc3de46699f3207815baf5212dd5575800feddf004e042352ced29b96d4fe51a05dd7b763621cf34522d4815d2a4cf4603559a85e8191ff93fb770686ba822c58570c8bdb58bab79b984a5f/i?id=d387f4c9-f9c9-408c-b154-49980a4b6de5&ts=1674322055310
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
x-request-id
5dd22981-d957-403d-b73e-fed0ff74de74
notify
tlx.3lift.com/header/ Frame F6D1 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.01&ts=1674322054&aid=43656566482233002141640&ec=2409_15064_70_58174908&n=GgDyAr4BCAASFzQzNjU2NTY2NDgyMjMzMDAyMTQxNjQwGAAgASjpEjDYdUABSABQAWAKaABwsXWQAQCYAQCoAQC4AQXAAQrIAQ3wAQD4AQ2AAgqRAgAAAAAAAPA%2FmQJ7FK5H4XrEP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4AvAkgAPKB4gD%2BgGQAwCYAwCgAwC4A9YKyAMA0gMLNzBfNTgxNzQ5MDjgA9nk9R%2FpAwAAAAAAAAAA8AMN%2BQMAAAAAAAAAAPgCDIIDqgFodHRwczovL3Bvc3QudXBkYXRlLjNsaWZ0LmNvbS8yLzU5NjkxOC9pbXByZXNzaW9uP3RpPTQzNjU2NTY2NDgyMjMzMDAyMTQxNjQwJmNiPTE2NzQzMjIwNTQmaXA9ODEuOTUuNS4zNSZkdD01OTY5MTgxNTIwOTUxMzY3MzYxMDAwJnB2PWFiNDM3ODkzLTMwMTItNGE5Yi04YWE2LWU0ZTA4MDFiOTc2ZYgDAJIDBGQzZDOYAwCgA%2B7BEagDAA%3D%3D
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.30.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-30-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame F6D1 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=43656566482233002141640
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ttj
ib.3lift.com/ Frame EAAE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=Purpleads_RON_Banner_HDX_Prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-20.prg50.r.cloudfront.net
Software
/
Resource Hash
85a6cc332356088f9a976902c990983024fa33915d0698c64c2b7ce6c8f2f54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:16:12 GMT
content-encoding
gzip
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
690
etag
"070d53fda59aaaf14bb068bf0ff670e4a5a3f1e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
content-length
2176
x-amz-cf-id
gBWf6b4DaRw7XA6JGeaSAKQ687p07RcM6-ol_01Yy5NBELXaAAlBTw==
winner
api.purpleads.io/x/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1674322055403
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer e5503a8be5c59196f7d89d8e3f76081b:dbf913c8afa5de89d6a2201b7b0168ff2e03ae5845bd84a2d8ea8b3f3876e67e82e8e6a8f68f61e4e7db1578fae8c6ec86745a077fe9c25c55d11ca810b16fb2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
e5580eae-8be1-4ae9-ae81-b20a2d538cc3
i
api.purpleads.io/x/a/07806d59b019b505096fa3dc729f8245:f67676da4152ca39d8c5617352ef62fb90647603b422a090fa5b755721cf3673011d20a39937187b039ff89c865ceed94fb0ce0ba04cdfd08ef72bfd9a42e0ae6cbdc00b1c4fd53... 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/07806d59b019b505096fa3dc729f8245:f67676da4152ca39d8c5617352ef62fb90647603b422a090fa5b755721cf3673011d20a39937187b039ff89c865ceed94fb0ce0ba04cdfd08ef72bfd9a42e0ae6cbdc00b1c4fd533420abc286473ec1a023697c8b54c70ffbd37e3ab5a2ada83782e2de97986c22096f2b8189700e4bb1e8441f6e4e67b2efc66927559cc7274b67fcd8a3bc1ae1b2076b22c4f8000b3/i?id=df7b0712-f5f6-46e2-be42-b841cda1bca2&ts=1674322055403
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer e5503a8be5c59196f7d89d8e3f76081b:dbf913c8afa5de89d6a2201b7b0168ff2e03ae5845bd84a2d8ea8b3f3876e67e82e8e6a8f68f61e4e7db1578fae8c6ec86745a077fe9c25c55d11ca810b16fb2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
a9c4efcc-3732-4a4b-9238-8a7a6c0ff965
notify
tlx.3lift.com/header/ Frame EAAE 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.013&ts=1674322055&aid=38574115184111798700470&ec=2409_15064_70_33501765&n=GgDyAr4BCAASFzM4NTc0MTE1MTg0MTExNzk4NzAwNDcwGAAgASjpEjDYdUABSABQAWAKaABwqFWQAQCYAQCoAQC4AQXAAQ3IARDwAQD4ARCAAg2RAgAAAAAAAPA%2FmQJ7FK5H4XrEP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4AvAkgAPKB4gD%2BgGQAwCYAwCgAwC4A9EByAMA0gMLNzBfMzM1MDE3NjXgA6CIsSfpAwAAAAAAAAAA8AMQ%2BQMAAAAAAAAAAPgCDIgDAJIDBGQzZDOYAwCgA%2B7BEagDAA%3D%3D
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.30.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-30-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame EAAE 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=38574115184111798700470
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
winner
api.purpleads.io/x/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1674322055403
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
POST
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
x-request-id
e58a752b-ff13-4157-9633-458a00fd28c6
i
api.purpleads.io/x/a/07806d59b019b505096fa3dc729f8245:f67676da4152ca39d8c5617352ef62fb90647603b422a090fa5b755721cf3673011d20a39937187b039ff89c865ceed94fb0ce0ba04cdfd08ef72bfd9a42e0ae6cbdc00b1c4fd53... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/07806d59b019b505096fa3dc729f8245:f67676da4152ca39d8c5617352ef62fb90647603b422a090fa5b755721cf3673011d20a39937187b039ff89c865ceed94fb0ce0ba04cdfd08ef72bfd9a42e0ae6cbdc00b1c4fd533420abc286473ec1a023697c8b54c70ffbd37e3ab5a2ada83782e2de97986c22096f2b8189700e4bb1e8441f6e4e67b2efc66927559cc7274b67fcd8a3bc1ae1b2076b22c4f8000b3/i?id=df7b0712-f5f6-46e2-be42-b841cda1bca2&ts=1674322055403
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
x-request-id
580b08f2-8126-4bf2-94c0-c48a11373091
bundle.js
ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/ Frame EAAE 		170 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=Purpleads_RON_Banner_HDX_Prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-20.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 15:41:41 GMT
content-encoding
gzip
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 15:38:11 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
3807955
etag
"dc17b3dc9f345ba38045deae8cd83a33"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
55196
x-amz-cf-id
iZZf0t1LmsBFMN9DbbQ2176m0dPISDWYxFjN64KlXKvoGNZMf6LJeg==
bundle.js
ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/ Frame F6D1 		170 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=Purpleads_RON_Banner_HDX_Prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-20.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 15:41:41 GMT
content-encoding
gzip
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 15:38:11 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
3807955
etag
"dc17b3dc9f345ba38045deae8cd83a33"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
55196
x-amz-cf-id
gpgLF-6lCBWVr6Bx6eEf6AOMY1wDlJ3mjIZ9p3zmuHTcBO3D-GjetQ==
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=390999659&t=pageview&_s=1&dl=https%3A%2F%2Famenazaytx.site%2F&ul=en-us&de=UTF-8&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KADAAEABEAAAACAAI~&jid=1606389890&gjid=2055331006&cid=190685867.1674322054&tid=UA-203930810-1&_gid=2122155133.1674322055&_r=1&_slc=1&z=1038809526
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
notify
tlx.3lift.com/header/ 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.013&ts=1674322055&aid=38574115184111798700470&ec=2409_15064_70_33501765&n=GgDyAr4BCAASFzM4NTc0MTE1MTg0MTExNzk4NzAwNDcwGAAgASjpEjDYdUABSABQAWAKaABwqFWQAQCYAQCoAQC4AQXAAQ3IARDwAQD4ARCAAg2RAgAAAAAAAPA%2FmQJ7FK5H4XrEP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4AvAkgAPKB4gD%2BgGQAwCYAwCgAwC4A9EByAMA0gMLNzBfMzM1MDE3NjXgA6CIsSfpAwAAAAAAAAAA8AMQ%2BQMAAAAAAAAAAPgCDIgDAJIDBGQzZDOYAwCgA%2B7BEagDAA%3D%3D&b=1
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.30.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-30-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=38574115184111798700470&rev=2369ca4&pr=un&bc=0.016&bmid=2409&biid=4720&sid=15064&brid=10920&adid=70_33501765&crid=82592800&ts=1674322055&bcud=16&ss=12&caid=0&unid=0&domain=amenazaytx.site&ref=https%253A%252F%252Famenazaytx.site%252F&rr=creative&fid=10&rb=0&g=0&cb=10915
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame 0F77 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame EAAE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-20.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 08:16:10 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
465086
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3125
x-amz-cf-id
FLpn4WeXUboP4c3JF2W1AMieAXZTVufYLPFBfvS2XBS09Ui64E81Kw==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame EAAE 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-20.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 07:09:58 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
469058
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3518
x-amz-cf-id
CioEEBrX-a69yyupGnUBz1UlowW6F4ICiHedQToeOc-XQGFvBzAwYg==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=38574115184111798700470&rev=2369ca4&cta_render_method=1&cta_render_text=&cb=62548
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
/
track.adform.net/adfscript/ Frame 7E71
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.016/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R33501765_Qrtbwp_R_I_WAUCTION__PRICE_X-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0_Qrtbdata_RsRjv4zJ1xnW877P9d1Yqs...
  • https://track.adform.net/adfscript/?bn=33501765;rtbwp=0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0;rtbdata=sRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3R...
917 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=33501765;rtbwp=0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0;rtbdata=sRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0;;OOBClickTrack=
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6468ef54bea2b35c0beb7606a20b5d4ab57047828382a8e391a9ad597ae6dc51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
768
expires
-1

Redirect headers

Location
https://track.adform.net/adfscript/?bn=33501765;rtbwp=0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0;rtbdata=sRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0;;OOBClickTrack=
Date
Sat, 21 Jan 2023 17:27:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
xuid
eb2.3lift.com/ Frame 7E71
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=triplelift&dsp_id=70&imp=1
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=triplelift&dsp_id=70&imp=1
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7685950011543737331&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Jan 2023 17:27:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 21 Jan 2023 17:27:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=38574115184111798700470&rev=2369ca4&pr=un&bc=0.016&bmid=2409&biid=4720&sid=15064&brid=10920&adid=70_33501765&crid=82592800&ts=1674322055&bcud=16&ss=12&caid=0&unid=0&domain=amenazaytx.site&ref=https%253A%252F%252Famenazaytx.site%252F&rr=creative&fid=10&rb=0&g=0&cb=45476
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9652 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:33:08 GMT
x-content-type-options
nosniff
age
251667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 19:33:08 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9652 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 01:58:46 GMT
x-content-type-options
nosniff
age
228529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 01:58:46 GMT
eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 798C 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d05117f03b894bb88e2e11b1c8dc0deef0b45bd2a0ead1a9a7e846ab0e0eb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
last-modified
Wed, 14 Dec 2022 00:30:57 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1814482
access-control-allow-credentials
false
x-traceid
98ed4abf18cb40981130638f08847afb
timing-allow-origin
*, *
content-length
42136
i
api.purpleads.io/x/a/9f2dbeeabecb323fe0b70551bae1f11d:45a24104b400f693cd13111874fb0e1f30a45762d198b88e263c5422db69276caa38ca154abb232b6ba783d7fb2f79c6097565f8a7ee33a7e77feabf393476a1a61d894ba71bd4a... Frame 798C 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/9f2dbeeabecb323fe0b70551bae1f11d:45a24104b400f693cd13111874fb0e1f30a45762d198b88e263c5422db69276caa38ca154abb232b6ba783d7fb2f79c6097565f8a7ee33a7e77feabf393476a1a61d894ba71bd4a16d892030741a3ce1d8979eabaddfe51ec3f32fe7470272b23a867522cdbd6f1bb1aa991c03be380ec7ba98eaabce9f23592d76aab87950259a4a979b011cd9ee68053dc8892502be/i?id=fcac88f4-05ab-4978-8b11-40a66f976d66
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Sat, 21 Jan 2023 17:27:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
5b45e426-554f-4377-bc87-ebbea3b9ac25
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 798C 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=2be071efc451028742ed3a1d2807aa5e&pvId=2be071efc451028742ed3a1d2807aa5e&sid=9435706&pid=45718&idx=1&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
6b693b814d7732ea38d3140b00f05273
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame 798C 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=2be071efc451028742ed3a1d2807aa5e&position=0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
451a7586ca3ec7caf099d9de6552fcce
Content-Length
4
Expires
0
notify
tlx.3lift.com/header/ 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.01&ts=1674322054&aid=43656566482233002141640&ec=2409_15064_70_58174908&n=GgDyAr4BCAASFzQzNjU2NTY2NDgyMjMzMDAyMTQxNjQwGAAgASjpEjDYdUABSABQAWAKaABwsXWQAQCYAQCoAQC4AQXAAQrIAQ3wAQD4AQ2AAgqRAgAAAAAAAPA%2FmQJ7FK5H4XrEP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4AvAkgAPKB4gD%2BgGQAwCYAwCgAwC4A9YKyAMA0gMLNzBfNTgxNzQ5MDjgA9nk9R%2FpAwAAAAAAAAAA8AMN%2BQMAAAAAAAAAAPgCDIIDqgFodHRwczovL3Bvc3QudXBkYXRlLjNsaWZ0LmNvbS8yLzU5NjkxOC9pbXByZXNzaW9uP3RpPTQzNjU2NTY2NDgyMjMzMDAyMTQxNjQwJmNiPTE2NzQzMjIwNTQmaXA9ODEuOTUuNS4zNSZkdD01OTY5MTgxNTIwOTUxMzY3MzYxMDAwJnB2PWFiNDM3ODkzLTMwMTItNGE5Yi04YWE2LWU0ZTA4MDFiOTc2ZYgDAJIDBGQzZDOYAwCgA%2B7BEagDAA%3D%3D&b=1
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.30.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-30-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=43656566482233002141640&rev=2369ca4&pr=un&bc=0.013&bmid=2409&biid=4720&sid=15064&brid=15025&adid=70_58174908&crid=66941529&ts=1674322054&bcud=13&ss=12&caid=0&unid=0&domain=amenazaytx.site&ref=https%253A%252F%252Famenazaytx.site%252F&rr=creative&fid=10&rb=0&g=0&cb=40055
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame F6D1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-20.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 08:16:10 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
465086
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3125
x-amz-cf-id
VAuH5v4_pCiokt3uzSJZesdu7clqTXwHv4mT0fLx1hQTLlFg6lIWIA==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame F6D1 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-20.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 07:09:58 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
469058
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3518
x-amz-cf-id
94l0jZFIFSwWkIVTTvsmSG8d8qPUYbajdQwhQ6B8d9vfwmYmBD2Xww==
truncated
/ Frame D315 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=43656566482233002141640&rev=2369ca4&cta_render_method=1&cta_render_text=&cb=50248
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
/
track.adform.net/adfscript/ Frame 6ECB
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.013/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R58174908_Qrtbwp_R_I_WAUCTION__PRICE_X-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0_Qrtbdata_RpI-0AXQtEWydKVBh47-yu...
  • https://track.adform.net/adfscript/?bn=58174908;rtbwp=0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0;rtbdata=pI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3R...
923 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=58174908;rtbwp=0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0;rtbdata=pI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1;;OOBClickTrack=
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4fe078f0794b4050d75ff47418e0f03283bd6508cd5b3a59b8e295c3577a438e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
776
expires
-1

Redirect headers

Location
https://track.adform.net/adfscript/?bn=58174908;rtbwp=0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0;rtbdata=pI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1;;OOBClickTrack=
Date
Sat, 21 Jan 2023 17:27:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
xuid
eb2.3lift.com/ Frame 6ECB
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=triplelift&dsp_id=70&imp=1
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=triplelift&dsp_id=70&imp=1
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7748378143796879746&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Jan 2023 17:27:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2409&xuid=70e23e84-137f-4ab6-a53d-3e8ca2211bc8&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 21 Jan 2023 17:27:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=38574115184111798700470&rev=2369ca4&pr=0.013&bc=0.016&bmid=2409&biid=4720&sid=15064&brid=10920&adid=70_33501765&crid=82592800&ts=1674322055&bcud=16&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=20036
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=43656566482233002141640&rev=2369ca4&pr=un&bc=0.013&bmid=2409&biid=4720&sid=15064&brid=15025&adid=70_58174908&crid=66941529&ts=1674322054&bcud=13&ss=12&caid=0&unid=0&domain=amenazaytx.site&ref=https%253A%252F%252Famenazaytx.site%252F&rr=creative&fid=10&rb=0&g=0&cb=62354
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
analytics.js
s.update.3lift.com/2/596918/ Frame F6D1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/596918/analytics.js?pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&to=3&ai=15025&pp=11793&si=9019839&sr=12&pc=286958&di=amenazaytx.site&dm=970x250&md=1&gt=2921044&c1=2409&c2=15064&ti=43656566482233002141640&cb=1674322054&dt=5969181520951367361000
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7e795e5634a34ae5e0f24f55d93af366b704301789b097f49e6cb8f37cfcf519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2885
Expires
0
/
api.purpleads.io/x/b/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=3cdaca6159a142d1bdbe40498076535e&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7c27eb7e-aa62-4b64-ad9d-dabe753e347a&demand=unifiedPb&ts=1674322055590
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
aa4cee6d06fb8e1a031b8476c6a85982de78467a45782c2d4dabcf8306238b60

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
gzip
pa-user-id
2b776aea-ced4-48ec-b34b-77fcabb2c5ba
etag
W/"98e-Yq6r5CFh3JjH+9+4nU+eI3r6Tic"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
31e47ae3-1d8f-4c67-b68a-d3fa81a6fa4a
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=3cdaca6159a142d1bdbe40498076535e&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7c27eb7e-aa62-4b64-ad9d-dabe753e347a&demand=unifiedPb&ts=1674322055590
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Sat, 21 Jan 2023 17:27:35 GMT
x-request-id
2d50767f-7de9-46d7-806a-d06d06222623
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=43656566482233002141640&rev=2369ca4&pr=0.01&bc=0.013&bmid=2409&biid=4720&sid=15064&brid=15025&adid=70_58174908&crid=66941529&ts=1674322054&bcud=13&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=20109
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
2490514-16.js
smarttag.rubiconproject.com/a/22554/435054/ Frame 07FA 		147 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22554/435054/2490514-16.js?&cb=0.7141450132985538&tk_st=1&rf=https%3A//amenazaytx.site/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=435054_16&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22554.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0e3c899ebdaf5b195762425593850487108f4bb5e29fcbc664bf5fab2fcc3a21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
147
expires
Wed, 17 Sep 1975 21:32:10 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022301041800000/ Frame B3EC 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022301041800000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ec6225a4e15fce914847fb3a4ac496b393c23cf38f0a614293b0e7311b7c33b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 22:20:08 GMT
age
328047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61636
x-xss-protection
0
server
sffe
etag
"6860505b1f6c104a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 22:20:08 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022301041800000/v0/ Frame B3EC 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022301041800000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 22:20:08 GMT
age
328047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5230
x-xss-protection
0
server
sffe
etag
"98e8559bf0300638"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 22:20:08 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022301041800000/v0/ Frame B3EC 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022301041800000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 22:20:08 GMT
age
328047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28829
x-xss-protection
0
server
sffe
etag
"80143a542ab189b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 22:20:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022301041800000/v0/ Frame B3EC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022301041800000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 22:20:08 GMT
age
328047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"c26873ae23a2dfcc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 22:20:08 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022301041800000/v0/ Frame B3EC 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022301041800000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 22:20:08 GMT
age
328047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
server
sffe
etag
"a53f7d5e2894160e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 22:20:08 GMT
css
fonts.googleapis.com/ Frame B3EC 		6 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Jan 2023 17:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Jan 2023 16:55:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Jan 2023 17:27:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B3EC 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:50 GMT
x-content-type-options
nosniff
server
cafe
age
34065
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 22 Jan 2023 07:59:50 GMT
es_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B3EC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es_bl.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9e843e63acdf34d5a5edbba301377df7e0089c44be896e2b36e9293227dbcda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 08:48:37 GMT
x-content-type-options
nosniff
server
cafe
age
31138
etag
11430072204764857781
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2664
x-xss-protection
0
expires
Sun, 22 Jan 2023 08:48:37 GMT
l
www.google.com/ads/measurement/ Frame B3EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvTfY45JJsszfeRdXu1VGyDK1XYu8WACn9QzyFwUwrFxWkwC9XEqFmMaRv7Prdk9fpk2WhkOo_G4Y0Mv3H6WR5ESt6sQ
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame B3EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmFxKhyDMY4nXB4nF3gOJ0anYA-nytstuo-uMu_YQ66Cq-48OEAEg8tO5e2CVuomCmAegAe-d_9soyAEJqQLmr9y3DS57PuACAKgDAcgDCqoE7AFP0CQdBw1JH-R1EnpQPFaTZxVgTodoIoLn3-8mapftYSPY-fCRZX5hJhUzdZuuko6KDCU1OyFFWPpoAZdOLmhhskegTFrB_wdF8jXJblTsYF4zCDCSLUpz4hS8etkqs044hEq_f__If0QaEWNdePfAy6Okcdbl1Fk0jzCWCb326aQWY1w5yx4QN4NoNjQ46LVd3ISib117ONXMNUnynHoFYKluvrplq-wczlpz_voii3VyyBIpTLs7aB1TZwiQvnN2vbtI4TELNHVO7C2_s8eucyy8ZTY1cdqE0W2QW_9Is-E96JXiHzr55-DCeMAE-8mK8_8D4AQBkgUECAQYAZIFBAgFGASgBi6AB6mE_bsDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQxpwM0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsBuBPkA9gTDNAVAYAXAbIXHgocCAASFHB1Yi01NDEzMzI5NTQ0MDQwOTQ3GMGMdA&sigh=eWNt8ehSfto&uach_m=[UACH]&cid=CAQSPgDq26N9RGj0jyZJBNT-h3UMLSWION224p6W2xE0c_cBLX9X7MvIZs7znn6xpN_r39dYeXsTVkdSQhLteQtfGAEgEw&template_id=484
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/15846345456542609316/ Frame B3EC 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15846345456542609316/14763004658117789537?w=100&h=100
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e6e785c644ae75359f83aef8958a50bf81d7fc423f7b1ee94e8fd35ca7f8f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:09:57 GMT
x-content-type-options
nosniff
age
137858
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1528
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 11:58:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 03:09:57 GMT
truncated
/ Frame B3EC 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1e32268b250ca0f8be0cbd217201178eee737fb781a6d99e8150ac8ff4fb95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3EC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 01:58:46 GMT
x-content-type-options
nosniff
age
228529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 01:58:46 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3EC 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:33:08 GMT
x-content-type-options
nosniff
age
251667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 19:33:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3EC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:40:07 GMT
x-content-type-options
nosniff
age
175648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 16:40:07 GMT
adagio.js
script.4dex.io/ Frame FCEE 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
116780
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsCJVPzZIN0W9ls4BtkvJXzMsgczWtCl6X5Uhjm4abOD3fSllS%2F83JV0cxydbTxIWfipj86rA9YiqRB48lZOLaAvgKJMejSo%2BJX5R27G6yjtRlS9fq8SoEQYqBVsKFsBbIV2PvDLAQYMu4b4"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78d1c2f06ecc9013-FRA
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 7E71 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: ghent-aws-fr.bidswitch.net
URL: https://ghent-aws-fr.bidswitch.net/imp/0.016/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R33501765_Qrtbwp_R_I_WAUCTION__PRICE_X-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0_Qrtbdata_RsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI__SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK__aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/hVe4BeRF0iEQKLdsio_4gPQbCzl9QaLPJTyWCB2WDJ3WjXMdobKitqE_iF_8pKRpyk4FPq0RFyJ1fwuzwaZ5QojrJ2txzmISJvN_6qr3IiBIEDEJQ-DVl4ZyPG1v03KAByfxegBon_nDGT_pYzGKrI-AhsZ1R8JU23zZTA3WvV9UGZm6dQFDUIJhTAe-7gwvL_C-ZZcvmMzeIBPcwYjAtlRDvZana__IcJoI5jurI9tb6KPf4kqyZ1496RjNdz1GNEaWBFAxOXSpu7oWnZBwgMwvEHpCwXvhGy6X6fP9bLagEpVEf9HbsAsvQAgh-G_WwVV0NcSMh-alv7y2v9vYaiT570tr-7UA4HnhXa1efkWVhlNl2ODcUVdn-hdPbdWtq_m-MDedET0132pUsaes8njDdvUal1h63GoYGx4RPy7p2W-P8Ea09Ytn_zQkTnJSUsJUrrVCigSNuiuCV45J71YDeH2hrizUXX0UAeq2VqugbQHe5HPLFW8qtVnG3mY-dJ65Ghaw3fc5rlruO2ZLWl1DuRtt4MTYGLMmj2iKUvnsuBM0vppfbvezEwJGamqviOE6KeSv-Hh76upfXsh34DZbvCu92aw720jN4pSqSs0LWmQDWM_OJenrHGpNRp-VxfHqsbzobjnVTCN4zSROlXrTAqLUe6INoi-1W53eKzGvyPwxkbBE_Yylj3qx9sD5Q1ALxMS3fFWDKf4QCGhGjYvz2FzBuQNY6FhC6MDGKQAbp3-U1PqqMsxYj76iuQj5jHEFmcQJWFb3bkCpBEhmilQ6X-m5y960sg8LzEDOYlt_aghwu1qLs-4UXvhhlWArcgAEcEfG-6DrjgUlJTFiWJ2rChD9tUkYfPPZiztUKXedYgL0afPhFtHyQZS3aD9cP3NPpTQo04_PSAtOBiCS5ENTk2KqZC4oI-RoA5pbPMuRnmaoNo9cyu7Hkh368goQzBxozQ0ahqBpdSTUMDNcdVDt2k8rRKb2WMxF_XRXwdcr4I5zWpYJ_MJ2v7NGezVClbytWpFyoLPgY9YVSrsyyVNbq_QHS-1UKmL313WatbATQJeQF3gCOZYQOZDI8VXdkUoLdkvQN_ofNSWXusOfhypyrjoWLO3JJgWVDIsr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:50 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 6ECB 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: ghent-aws-fr.bidswitch.net
URL: https://ghent-aws-fr.bidswitch.net/imp/0.013/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R58174908_Qrtbwp_R_I_WAUCTION__PRICE_X-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0_Qrtbdata_RpI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj__u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/CcdixfKbpxnF5OPJqeXekMkeF9m_R7-ADRQYvGZ7xwnW5uvwaqZ4AnYJTQf2ZxRFz8XLq99TmN4VAYfH-pejMZvcCPJkDWF6lqCTUmUP-8tlPZ0Tc5ef4DgCon7wdrfqnH2xRYUi42SjTZiPwm-cN-mrp8HmwL5BtD9UymobIsOA6YTmBMqLkIhN-CQAWFQ8pj9LBF2e8VAaI3PPwe4BUN3lFfhr-QC9J-zjI7-EDTWcyq0blKgIfIEyTOoYWmqZ9NY90fA_Ao945WvGBMEk7NfIftKePWCSrG7dnN-lwLVO5zLcG6gwIKz52DcpIioNAptsPHzCgyU9nlUkOzyCgxt0VmZ01thG_a9BtDybyEx6A71ZekQIKSZFUdPjJlu_8PffNaJYRPSvkwYgWBb4nCnGMqAHB1dnelpbrRUYo2SQGXvArS-dnY8THEGG_sOCPXqSfg_C0CbTWN9nJZhEP34zEGp2QX8VuebMuYnSKW2ypqXg0ZPPITXtKoGGO1gUQjlTRQ6NClbJd9t0afbJ_TXO55_Md7QRUsEF7oVOKNCZQT4SgqPs85XgcKAha16XhbAPYT6bgMlOiwyz40fquZIuBgy9VBrX9RykJfEihYKjS3zcPhv7_ZVVmial8r08KU5IVYQPEd_L6P_Xz2_gC5Y33G5rG7Jk123k6odlu75wLeqnYVVAAWRMfcJJW4uX0I-pvwCvFRi7JkJXpGAR9y2iL2ns0B1RHhNelhV98anEcf4e67aWTAumQ_nOdjmChl-ro1oALjiGlEUv8jZu1VqxXmPwouezkHLxnNCgP67qNgsr0LZIFc9G-ZQyAyR8rwB_-fv_SB9G4VbMrs1lkHEtLE9rsA2yqVMB_XBnmkTJCGQShxle4vHDzE7yDOaDLBcZUwAr90n8JWtEZGt0x7XDrEesrrs6_GLm7ppu6Bf5b-a8n7F5gvWBEZMLxpD-sEz_asi5v5wnVuGXO9DYZk4t39jhdyW4nhVoa6ClixexFjcU0EQ8AoX10Yjpv4cRyQWMD7KSnw88Qoj533vyUy_oSW_Y2ECELAOELh7arGBjLjYW7o_TqotavlyZpZDCbkApxwIjNTmIfgJ7vKWlSzIWBIDt7WbZyczZC43GrQ/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:50 GMT
/
track.adform.net/adfserve/ Frame 7E71 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=33501765;rtbwp=0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0;rtbdata=sRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0;;oobclicktrack=;js=1;adfxid=1x;3478;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Famenazaytx.site%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fc55ce379042f86a54642c1209dd96cac13d5297445da4b297faf7b2b7c206de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2399
expires
-1
fxpcopuw.js
ad4m.at/ Frame 7E71 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78e99d887a74e2a58d9264a0a15b2953f5ecb5b70838cbaab5a3869a76f8c706

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
354178
etag
W/"6080661f69dc3db9c889ba58b02808d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wvj2JAB1u44URrEcfX41Q8cJq4HVSvoBebdUJT6h1D9ND3CUrEHRmAACPD9EJuVDM2%2F8uTiOrpVFBnoAwiLfbuaeR0HpnVBaE21GVlnmzNnwEh4uj%2Bc9OJ7ATPztivqOx41Xif0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78d1c2f4b9bb5c44-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 17 Jan 2023 15:04:38 GMT
/
track.adform.net/csimpr/ Frame 7E71 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=33501765&csi=WHkyovWQEatQ6r-rrIS2w70X4tnhtwIeRigK-oGE7lMJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://amenazaytx.site
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 7E71 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:22:49 GMT
/
track.adform.net/adfserve/ Frame 6ECB 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=58174908;rtbwp=0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0;rtbdata=pI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1;;oobclicktrack=;js=1;adfxid=2x;5334;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Famenazaytx.site%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
149dd54cd14220e57903a2977ea614c70d22289d32f84d1756a6f1e58662ce57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2400
expires
-1
r62eglto.js
ad4m.at/ Frame 6ECB 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
354196
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUyvcK7p3e6tIb113z3gr3jtJM86YMyTyNfTioy4FgJg%2FB9BshZpby5ERDOHM77MNOY0L2YfcgcbnmvklxmhNbcvfpaDqDRJ1JbNWEyH8m4GPUOajHi588Cf1jJLKlpM8DvKdNw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78d1c2f52aeb5c44-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 17 Jan 2023 15:04:20 GMT
/
track.adform.net/csimpr/ Frame 6ECB 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=58174908&csi=XQVB3sUopqRa8ayPfglaXYzoHjJCDz2YnKRWaOGiMrAJDwKV3Zer3MjMUIauvmhlTyCUwOOVyN2KsJdQY-vvw2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://amenazaytx.site
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 99C3 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d05117f03b894bb88e2e11b1c8dc0deef0b45bd2a0ead1a9a7e846ab0e0eb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
last-modified
Wed, 14 Dec 2022 00:30:57 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1814481
access-control-allow-credentials
false
x-traceid
98ed4abf18cb40981130638f08847afb
timing-allow-origin
*, *
content-length
42136
i
api.purpleads.io/x/a/3feb2d7f63967205bbaeae9100dde9dd:4a9cc87f6d5200686d9382aed5dada16509a999a1e99f8fc8df4d9837018143d0cc81f615dbd040083e7aeb797e9ea1d64e0b852b4a8639ac73ca342950fe5838a9d643404930eb... Frame 99C3 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/3feb2d7f63967205bbaeae9100dde9dd:4a9cc87f6d5200686d9382aed5dada16509a999a1e99f8fc8df4d9837018143d0cc81f615dbd040083e7aeb797e9ea1d64e0b852b4a8639ac73ca342950fe5838a9d643404930eb48ee5b92fa82abe784675a7d98026389e7babd98ede32ad487858d74db443ce9be77901e155955fcdf0c91347f52be0a11e95ce6b05946592742faf2b3c62fdcb897cabc3f801e49b/i?id=31e47ae3-1d8f-4c67-b68a-d3fa81a6fa4a
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Sat, 21 Jan 2023 17:27:36 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
ddf592e5-588d-4a32-b90f-4f9be83edb2a
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 99C3 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=4656c6da772cf83fa4d639c24f19c2c4&pvId=4656c6da772cf83fa4d639c24f19c2c4&sid=9435706&pid=45718&idx=4&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
c17d948f8806f1ec231de77aebcf3b56
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame 99C3 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=4656c6da772cf83fa4d639c24f19c2c4&position=0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
0ba27a4651ba081e1b9d92a8c1045bc3
Content-Length
4
Expires
0
frame.html
ad4m.at/ Frame 1AC1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2150541
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78d1c2f57f079000-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 21 Jan 2023 17:27:36 GMT
expires
Sat, 26 Nov 2022 23:36:57 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BM79bc3R9vhu8YTsQkeqUCQn1%2FKT8efk%2Bi7gajy%2BqSSOLWrpS%2BhDdYpeoBNrK0LhKI0p60ws%2FeSNB9BYmP7xR3duWe7Ek%2FxdtQMAhVnkE4PCK1ViMEA%2F%2BqXuhhjeZAA7%2FuQDhc0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 15BB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2150541
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78d1c2f57f1b9000-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 21 Jan 2023 17:27:36 GMT
expires
Sat, 26 Nov 2022 23:36:57 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3dDqOpzWETnvu%2F8VbP79B8gBdeM5CUqlQMUYXn8a0%2BBanadvAYdlAT9ivOpaJnJio08GwHHCEE3JDoBIndcP91M47NRvQSYtC9a5PuDHCpxbh1RMneeZNokjQm%2Bqfw3QCWbJho%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 6ECB 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:22:49 GMT
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=43656566482233002141640&rev=2369ca4&pr=0.01&bc=0.013&bmid=2409&biid=4720&sid=15064&brid=15025&adid=70_58174908&crid=66941529&ts=1674322054&bcud=13&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=42754
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
rs
ad4m.at/ Frame 6ECB 		855 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdccd30e60dfae2833e120c4a9b8e15b3659c4d52f59d18a22efbb914032b229

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2WHiSHRvnLTINrF4ui5lUK%2F5Nnq4iYuEvBoVUvjwcs5RVHBor0%2BaXcJo7XhIKElqrZcTuEwhjvXWampHPfAuDAd3HXk%2BDiJzxp9IwCTnk5TdXMrHIltZpcCfNapeCS5plIodkU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cf-ray
78d1c2f808f69136-FRA
x-backend-server
aa-reachservice-group-europe-west1-gxt5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://amenazaytx.site
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78d1c2f7c8659136-FRA
content-length
24
content-type
text/plain
date
Sat, 21 Jan 2023 17:27:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdtujRFdlkgXayZYEinGgGcG3ZFg%2F9x8Zuyj5W%2BDXpuYKjrz5u1kZHlz7N4o8UaOlji0YlyIc1PlY6rW01F%2F6N9iLh4KbECNkQA20u5QV%2FUHri%2BoIIJvyRaFLzkRCO0yllBEW6E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-gxt5
rs
ad4m.at/ Frame 7E71 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0d51d121576ef02bdaad12e896dc6fe50ec7c8c54ffa41511c5cc5c7dbb344e

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlCo%2Ba%2FYxcZfT8UwDuzMLvBQkKUb34rYlhB1p7vwaILqbJG3HRrAXJDIr78j07jL%2FeP8oLBBVhM8r%2BzNegLu%2BntrWubCQ4bussSvkRKXTD6wVPuTisfGQStghN2%2BzS4INeMVw3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cf-ray
78d1c2f808f39136-FRA
x-backend-server
aa-reachservice-group-europe-west1-wk5k
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://amenazaytx.site
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78d1c2f7c8669136-FRA
content-length
24
content-type
text/plain
date
Sat, 21 Jan 2023 17:27:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMc%2BLbY3QkJpmOqgVz03bz3Kb5f6%2BAudsj6TSbzd2QZLijod%2FKJPTW5Lx2VV01XP7nos%2BZps1bPbJZnROXTVdsypOKhIS6xjvt04Ok%2BsTUxHw6beDRTAwiFy2DQpACjDvG9970I%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-wk5k
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=38574115184111798700470&rev=2369ca4&pr=0.013&bc=0.016&bmid=2409&biid=4720&sid=15064&brid=10920&adid=70_33501765&crid=82592800&ts=1674322055&bcud=16&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=31929
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame B3EC 		42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk8hvUDEZg_pQXuZt4VVWZJCKvysWPn86b96KDSco-XmlHCaHQA8tA3YhYCLj6mIpaGUyBfj3ELhSKhFdi1OG_WawpOFLZGAjJWbYgREL4YZDiK7542Y2d4dWT-SiDwW8aJv-LrNU&sai=AMfl-YQ20pVLFA8r6M49xuYiM1Yl5mU7nxvDSyQAeTWaaCK4BSPvQH-fLcEw86eZ_KptWbn-w5My1Z4nb8G40yr4R5xtV8yAQJafZkspVfE4hEoVPBNC93ePKO3p4v6RT7wgZw&sig=Cg0ArKJSzDj18Bg9SD5VEAE&cid=CAQSPgDq26N9RGj0jyZJBNT-h3UMLSWION224p6W2xE0c_cBLX9X7MvIZs7znn6xpN_r39dYeXsTVkdSQhLteQtfGAEgEw&id=ampim&o=15,86&d=300,60&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=135&tls=1135&g=100&h=100&tt=1135&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?oz_pl=1&pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&_x=1
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/596918/analytics.js?pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&to=3&ai=15025&pp=11793&si=9019839&sr=12&pc=286958&di=amenazaytx.site&dm=970x250&md=1&gt=2921044&c1=2409&c2=15064&ti=43656566482233002141640&cb=1674322054&dt=5969181520951367361000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.3lift.com/2/2.88.0/ Frame F6D1 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/main.js
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/596918/analytics.js?pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&to=3&ai=15025&pp=11793&si=9019839&sr=12&pc=286958&di=amenazaytx.site&dm=970x250&md=1&gt=2921044&c1=2409&c2=15064&ti=43656566482233002141640&cb=1674322054&dt=5969181520951367361000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf9f723c8119c017afec425fdbe058bd4404e0c5853ff4a72164449d8507a210
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
54959
Expires
Tue, 29 Sep 2054 07:26:40 GMT
rar
as.ad4m.at/ad/ Frame 21BE 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=196899&b=K19HRfRkQ9FGJMes5Hrt4HPtYG1a8TATXAaq&f=k5gs5fQP86FdRWgH4HZtpHmCk53UkTjTBRhR&c=970&d=250&e=&g=c5525dcf2ec8bfbb239f1d483c36bc81%2F15498422038251962271&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1674322056987&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D58174908%3Bcrtbwp%3D0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0%3Bcrtbdata%3DpI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DhIQzL1URogrGDDExtPWVkMnByvRlVEyqof1lNPm-ZGH4K1eXuCEchtZTea-mcnB63imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlTyCUwOOVyN2KsJdQY-vvw3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d7b4a5ffa1399bbb123047bbed2db51145899e86aad7245900db19c6049232
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78d1c2f859e95c44-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 17:27:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?oz_pl=1&pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&_x=1
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/596918/analytics.js?pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&to=3&ai=15025&pp=11793&si=9019839&sr=12&pc=286958&di=amenazaytx.site&dm=970x250&md=1&gt=2921044&c1=2409&c2=15064&ti=43656566482233002141640&cb=1674322054&dt=5969181520951367361000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
rar
as.ad4m.at/ad/ Frame FCFA 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe5f972980d39ccdab22a40bc98112992bb0f665f5cba63cef65275428e3794
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78d1c2f88a3a5c44-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 17:27:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&sid=AcWPiXgAEeTuS4H7&oz_sc=0ccbe9f967fe7c0096bead6b&oz_df=1674322057041&oz_l=153&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 21BE 		90 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196899&b=K19HRfRkQ9FGJMes5Hrt4HPtYG1a8TATXAaq&f=k5gs5fQP86FdRWgH4HZtpHmCk53UkTjTBRhR&c=970&d=250&e=&g=c5525dcf2ec8bfbb239f1d483c36bc81%2F15498422038251962271&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1674322056987&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D58174908%3Bcrtbwp%3D0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0%3Bcrtbdata%3DpI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DhIQzL1URogrGDDExtPWVkMnByvRlVEyqof1lNPm-ZGH4K1eXuCEchtZTea-mcnB63imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlTyCUwOOVyN2KsJdQY-vvw3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196899&b=K19HRfRkQ9FGJMes5Hrt4HPtYG1a8TATXAaq&f=k5gs5fQP86FdRWgH4HZtpHmCk53UkTjTBRhR&c=970&d=250&e=&g=c5525dcf2ec8bfbb239f1d483c36bc81%2F15498422038251962271&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1674322056987&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D58174908%3Bcrtbwp%3D0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0%3Bcrtbdata%3DpI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DhIQzL1URogrGDDExtPWVkMnByvRlVEyqof1lNPm-ZGH4K1eXuCEchtZTea-mcnB63imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlTyCUwOOVyN2KsJdQY-vvw3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1674054542
age
267210
cf-polished
origSize=92334
x-guploader-uploadid
ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 18 Jan 2023 15:09:31 GMT
server
cloudflare
etag
W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary
Accept-Encoding
x-goog-generation
1674054571046429
content-type
text/css
x-goog-hash
crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtQ5Y9%2FwsG8faZreUiSsAbbkQ30XK4QlXQbxiM9Kr2BkpkEYcVzEC%2BtpzunmRrUpi4wbJKNKIG4iOKzE4XFJkFNfJsL7N2sb8OPjl%2BGkrpReFvqKM%2FuFtSokhR2TmzzMElHzYCMNGc4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
92334
cf-ray
78d1c2f8bdcd9000-FRA
expires
Sat, 21 Jan 2023 18:27:37 GMT
B2A0FAC835CBC0CAAC8A748AD85222234249B6ECDB55EF294B01132493259F4C3798E645FAB9D3C96E5A0887B7B6C177818C67127BB958F4A821C512092954F7
assets.ad4m.at/product_image/ Frame 21BE 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B2A0FAC835CBC0CAAC8A748AD85222234249B6ECDB55EF294B01132493259F4C3798E645FAB9D3C96E5A0887B7B6C177818C67127BB958F4A821C512092954F7
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196899&b=K19HRfRkQ9FGJMes5Hrt4HPtYG1a8TATXAaq&f=k5gs5fQP86FdRWgH4HZtpHmCk53UkTjTBRhR&c=970&d=250&e=&g=c5525dcf2ec8bfbb239f1d483c36bc81%2F15498422038251962271&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1674322056987&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D58174908%3Bcrtbwp%3D0.01391-q0U4z5Zr0UU5nBlNTO9GBwi-hgJwsK1k0%3Bcrtbdata%3DpI-0AXQtEWydKVBh47-yuHaNe2ww0hRIo8KV65ojSF0S7vGKfj_u6R2R6QFKlcaadfbojnNZZ6GI5lczJZctJKst9pK3RJfJuY6Ph63adJjRFXt4vKagSHgqcB-zYbs1rjP4DvckvntNIxo88LcnSxUCzFW9mulo8qmmYTxbfPLAMPZ1flaTgo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DhIQzL1URogrGDDExtPWVkMnByvRlVEyqof1lNPm-ZGH4K1eXuCEchtZTea-mcnB63imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlTyCUwOOVyN2KsJdQY-vvw3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84acdcdb100cd0100965d4c5ca2ee738e02f5c72d3a0666beaa7141513c138c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115714
cf-polished
degrade=85, origSize=84556, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57195
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 15:19:52 GMT
server
cloudflare
etag
"a5082e5d56ee6f6e84fcba4a6c1dec4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlSld3DwJowi9uBIw5FxLTK21Bd%2BzY1jo8xkchbdy3qD3eu%2F9x8ueGQQ6vvLO1dAMjwLgpbKVKy%2Bmn4i%2FJbECw5Mf%2BHzg%2F2TntELH8kTSvLR4DcvUi%2FY89UMvA6A7XHDjzq0oqCpS6ZxBUUS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d1c2f8cac75c44-FRA
expires
Sun, 22 Jan 2023 17:27:37 GMT
default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame FCFA 		90 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1674054542
age
267210
cf-polished
origSize=92334
x-guploader-uploadid
ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 18 Jan 2023 15:09:31 GMT
server
cloudflare
etag
W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary
Accept-Encoding
x-goog-generation
1674054571046429
content-type
text/css
x-goog-hash
crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F987LqWT0MUxE%2FhusB2I613JRo0N%2BFtnmkBV2qhEDJZJide12JPcHDryLcuUeYN1GGgFXm%2FxeUsf6dL%2FvGQNfDSTooMYSAVhoYqkFRtmGuNgFQiHzHYliqr6Nq%2Bih2gsBEypuJX6GFg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
92334
cf-ray
78d1c2f8de059000-FRA
expires
Sat, 21 Jan 2023 18:27:37 GMT
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame FCFA 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156288
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDuSYSok9x0sLjoW2OxbV3LXHjev7Gz7GIRDU62C%2FtIZ3mn%2F6GGByXP2iiTmId8x0HJPdvsMGF499s0kaXX7yBVcTQ3cT%2BQrpV8YvRimHK2qNPcYNAG3WvErVHfxwz%2BIOAC47TaQoVwE46Tp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d1c2f8dad85c44-FRA
expires
Sun, 22 Jan 2023 17:27:37 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame FCFA 		461 KB
462 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1284503
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6sphHmUz4nPc66Y5lupGlkZL0RRr6puPWTjIm90Yq7Q8JTBX6h689K13PCrCkY3E6hRNUzgwEkbLj13hJDkIymeNC%2BgtMTKakcCnEbKy9Wt%2Fro7W%2FpLBfDZ7TTKI%2BBc5Dg0kZDDmPwaPzhO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d1c2f8eb035c44-FRA
expires
Sun, 22 Jan 2023 17:27:37 GMT
B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame FCFA 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1287653
cf-polished
origFmt=png, origSize=53992
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26236
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jun 2022 14:47:26 GMT
server
cloudflare
etag
"e460905652d65e6a54a57da046f52d6c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8KWVPjZi0fiABPwLvWWV8eQCaslfBoJQOQQQhkExvS7TFrn1QqPdARvnyYIzp8R9Ogc9R7IVbRSqVdDedkwuPpV2rlbyQrbCLoF4alC6WBGryP8QT1r%2FjYlTMhKMcAU3pINN6aevms2LhO0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d1c2f8eb055c44-FRA
expires
Sun, 22 Jan 2023 17:27:37 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame FCFA 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
250605
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rq9FzG7UKGUYN85FH14%2F9WFOL9dET60HidtsnOaAgWhGpndCQaEw57vd91gZeoMeElsFwENUnbv6YniMSgHgBf0CRvMioJ0RM6Zl5UgP53c%2Fb5tOdKCqj66jc5fvQAduS6C6okJyxg%2FYlSo"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d1c2f8eb095c44-FRA
expires
Sun, 22 Jan 2023 17:27:37 GMT
63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame FCFA 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1440979
cf-polished
origFmt=png, origSize=12956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7692
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 14:32:10 GMT
server
cloudflare
etag
"c6c297b07f296b60586b8613b6e9b5cd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BC4x0r6p0%2FWcJuh%2FIW01xhTte0qpb4sfAPPwRWIqSJShOSty3fZmXmadTJ%2F3lD8NZ8Q9uYdUizkqnZ%2FDAZ894O163MSXr7O8mIKMK0kDTvswwZtyy262YxFgA4ZS2aQ8%2BZ3lt2ldBe8b%2B8U"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d1c2f8eb0e5c44-FRA
expires
Sun, 22 Jan 2023 17:27:37 GMT
A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame FCFA 		422 KB
423 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
663214
cf-polished
origFmt=png, origSize=632572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
432334
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Dec 2021 17:30:00 GMT
server
cloudflare
etag
"ee529fd62e145fb264303add5fb5a944"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv%2FhaLUYnADWK9THrAwL1677eCzuIYRFlijIJhUfcqJY9%2FZDuXIysL8rFT10fV64BlrivV03%2Fvx4a%2FE9eQ1gsMem2p1l3sbzs34hmKRRgCvV8IuWDPbC2qz5mxMzTihzKbRfP8%2FuI0Ys2rHg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d1c2f8eb0f5c44-FRA
expires
Sun, 22 Jan 2023 17:27:37 GMT
a3e3d9fe-211d-4d98-922d-f3521eab9815
https://amenazaytx.site/ Frame 8350 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://amenazaytx.site/a3e3d9fe-211d-4d98-922d-f3521eab9815
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
link.html
track.webgains.com/ Frame FCFA 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kxv5zqqge5jxtxqy6w3326gpzp1sk6w8mggvxr2xm5b7se69ng5hjewth2ead1n1908krfqn1b945t0c0fsqgm88w56jwjxveaqjr279v4aksqv3chx3nftrpzad5s6d9xyyfqrkwetfmbw4r3e9t65a5e5vg2p2mgfmrs09zy8yw62b7wv2etg2xvk7ta8z6s803rcwe2gq7ry80ewh4gb5v8qhhe3eqbdznr6d0abexx1072vyb47ckcy88zf2c%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D33501765%253Bcrtbwp%253D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%253Bcrtbdata%253DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%253Badfibeg%253D0%253Bcdata%253D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252famenazaytx.site%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidWVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2oneid__reach_adf03netmixdc&viewref=oneid3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFdoneid__reach_adf03netmixdc
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.200.225 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-200-225.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
5e9ee91cda1613fb8a3c5304b1b3f4ca5dc937e0fc73db34971c2361b63d56fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
last-modified
Sat, 21 Jan 2023 17:27:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 21 Jan 2023 17:28:37 GMT
link.html
track.webgains.com/ Frame FCFA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hk1p07zr4rj6k5k3qwhqn4z7rv4m2ay2n621w6kp931e28qsqwqgwyt0kr7h7wk28g5sahpm9595f5cmtf4wpe4s0h6yssb5xz5kbgadavfb639rnfhhe0fvncpjrsshc1dxtv6j5sdke87jv639wxx9tn22v7zdb7ek8ekvtswah645fr77vr18y5wmsgk2a9nvazx6jpwan5sx28d4bxne126ts52vmbdpxabksb8gfex5s0pkd166ea8mc8kw4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D33501765%253Bcrtbwp%253D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%253Bcrtbdata%253DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%253Badfibeg%253D0%253Bcdata%253D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252famenazaytx.site%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFRoneid__reach_adf03netmixdc&viewref=oneidKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFqoneid__reach_adf03netmixdc
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.200.225 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-200-225.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e30b44b8d21b6e4ce222fc93fc5430d01d42b1844015a43df489b1883e447de3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
last-modified
Sat, 21 Jan 2023 17:27:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 21 Jan 2023 17:28:37 GMT
link.html
track.webgains.com/ Frame FCFA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gwszdpwh8s7vtcv9rtjs20dqbtc50306bkap2m4dypbthhkcbgrsc8bvt6wk2sc4ac7vxdhn580je7n8mghfm7nfvvz1396ydvezp0g9zdgm4vq8g0xbr3bwdcjf2d29b12vavrp6855ygm1c7kx0pkwjsbf9wcjw4c28pn99c50ce11rs73hxde5sp0ydg267wyhqfrqnwpg5ffd42g97aw2cbqh12g5nb3t27yyjvxdtkbv6z72ybp1zwx60z7r%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D33501765%253Bcrtbwp%253D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%253Bcrtbdata%253DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%253Badfibeg%253D0%253Bcdata%253D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252famenazaytx.site%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJoneid__reach_adf03netmixdc&viewref=oneid8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFkoneid__reach_adf03netmixdc
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.200.225 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-200-225.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
f170245e9c00d8853d78f4fe10add0adcc8dd1648d34dfa54a9c3bde2aa6023d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
last-modified
Sat, 21 Jan 2023 17:27:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 21 Jan 2023 17:28:37 GMT
1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 07FA 		156 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
content-encoding
gzip
last-modified
Tue, 01 Oct 2019 16:53:58 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-length
155
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&sid=AcWPiXgAEeTuS4H7&oz_sc=0ccbe9f967fe7c0096bead6b&oz_df=1674322057195&oz_l=4734&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
pvClk.min.js
analytics.webgains.io/ Frame FCFA 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gwszdpwh8s7vtcv9rtjs20dqbtc50306bkap2m4dypbthhkcbgrsc8bvt6wk2sc4ac7vxdhn580je7n8mghfm7nfvvz1396ydvezp0g9zdgm4vq8g0xbr3bwdcjf2d29b12vavrp6855ygm1c7kx0pkwjsbf9wcjw4c28pn99c50ce11rs73hxde5sp0ydg267wyhqfrqnwpg5ffd42g97aw2cbqh12g5nb3t27yyjvxdtkbv6z72ybp1zwx60z7r%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D33501765%253Bcrtbwp%253D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%253Bcrtbdata%253DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%253Badfibeg%253D0%253Bcdata%253D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252famenazaytx.site%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJoneid__reach_adf03netmixdc&viewref=oneid8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFkoneid__reach_adf03netmixdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 15:31:22 GMT
content-encoding
gzip
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
6976
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
pW9DrMjOY0jA3nFWkryJd4-Q7_OpCxpP0ruGREKIzs80TSMx0bM6RA==
1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame FCFA 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1674322357&Signature=mrzNiwy7tyYUGY8yb1RdIJKrQm20IeXX9YMPB1GthwUeQ7kLmxHa2eAbRaN0F8bieuchYiq0RH1WxMn7WIge4wPTUqWNT9buO981k2wAV9kzWADwozxVA36iCUOXmPb0rURacMGugVQ6kyNcnBb4cIkqlrS0lfyv5~ATtAXaBwtZv9Rlk9-fT9rBi3ufQ18U3Vcl9i-eJJEprZyk5hKxp9RKAWIvZBKUTZ1xlgh4YKr5Czo9WimccHaRhsJJUkBv34iJmmiRDQc33Dah2EIaGWaXv2TPERJFYjFx5cG2P9bbvU8NIRWM1RjnbdbJnZ3vvHF935fI0Yj4wdfWeTyQIQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-50.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 21 Jan 2023 05:11:56 GMT
via
1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:31:16 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
44142
etag
"90a67412ed0b25c3e4ca2ad17658d5e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2545
x-amz-cf-id
nvyfd51Ao1CYGiSqfaFrv79jFrM__b0FbIb6mNYSig0jARcdX6WYQA==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame FCFA 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1674322357&Signature=Qhfbk8hTl1i2yAopdf3sXquVo~68Ldq67pGHEQFHiDCwETBS1UFLShbsPyYHs5qSXHQfCO5zVauXwcCy09UOVub68jYea7VC15mBhnFkewyZdwtp1UfgMyYIvStpEIHT2Yq1poY2ZnkunLyvUU9Tcngq0a3ZBlR6Z099J2AaofGVgve~8IC~1mAOKJUb0Z0DCfv9FmKXmQR0Yo~Yhwz~qz9Z-OQCvGRBWz77w-QY16JqZ1ADNummHaFxiDMWegYK-gFUNsBPBXX01KW2NKhbG9UBEVifFj0f5NL0Rqi3sPkuNhPNXBcg19mMhtgvmiVrR7xO25yVw0RwD6~eIrgo6A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-50.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 21 Jan 2023 01:21:36 GMT
via
1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
57962
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
MOe6TZsGQ1waZNKYaxegoERWyxgHZ8zE1JuHSwvGilncoGKy4GkPsw==
link.html
track.webgains.com/ Frame FCFA 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFdoneid__reach_adf03netmixdc&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C197862%2C177100&b=3Jghpf4fXBjga7HrHAtEt9ZrSPSWTAJFd%2CKk8URfZfGBmzU5HMHktPtK13Yf7SATwAFq%2C8bjtDf8fRJV5ugHJHEtxteA92FGSwT8jFk&f=WVpHrfdfZYM6UYH5HjtDCXz8H3SETJ8F2%2CkGQS5f3fd65qF4HwHetmCX3qkfZSjTpRFR%2CZp4TwfBfzDmMcmHDHDtDC1jbwa6SXTxgFJ&c=970&d=250&e=&g=9c773e39be6301880c80b3f092dff1f1%2F11318067835857329594&i=20597%2C71725%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf03netmixdc&r=1674322057010&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D33501765%3Bcrtbwp%3D0.01712-crzh18vXmBFjJlKMdS98AkcIE6g7P67c0%3Bcrtbdata%3DsRjv4zJ1xnW877P9d1YqsLfLODioVsD8FP5iI_SvjUw89OObY4UV-e2Ae2QuxeHsdfbojnNZZ6GI5lczJZctJKst9pK3RJfJK6lcCgi1PK_aiOvSpGtbkbQbnxBq0dxVkP3UXuOcmrp5OpygTe6no4EfIxLDKzVGhTfD1LdV2N6nekSnHNDFnuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3D-iUznVcvdWbGDDExtPWVkMnByvRlVEyqT6VyhX8ex2QVXk32nbGgiXTWRUKBd3ka3imjTxRQVYE0AE0w2f6HqsHzWJ8iG5IJY8ubVsNPRzoJDwKV3Zer3MjMUIauvmhlBcBRmxz4orwfVzV4Yz2TB3TAIT4W6WreQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252famenazaytx.site%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.200.225 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-200-225.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
last-modified
Sat, 21 Jan 2023 17:27:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 21 Jan 2023 17:28:37 GMT
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&sid=AcWPiXgAEeTuS4H7&oz_sc=0ccbe9f967fe7c0096bead6b&oz_df=1674322057348&oz_l=1666&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed4ee8181abeabebe40f5bda586481634ec19b228a8a28f975b3b2296d4d7720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11006
x-xss-protection
0
sync
eb2.3lift.com/ Frame C0C9 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=44835
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 21 Jan 2023 17:27:37 GMT
sync
eb2.3lift.com/ Frame 5C92 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=80179
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 21 Jan 2023 17:27:37 GMT
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&sid=AcWPiXgAEeTuS4H7&oz_sc=0ccbe9f967fe7c0096bead6b&oz_df=1674322057500&oz_l=371&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 17:27:37 GMT
3b4b84b2-a2f7-4a64-a1d9-5498062ae557
https://amenazaytx.site/ Frame F6D1 		802 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://amenazaytx.site/3b4b84b2-a2f7-4a64-a1d9-5498062ae557
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
facd25d708d9c13ecbbee553e7eb9e729075f1e929bb528cad034217135f0692

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length
802
Content-Type
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&sid=AcWPiXgAEeTuS4H7&oz_sc=0ccbe9f967fe7c0096bead6b&oz_df=1674322057657&oz_l=717&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1788 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
32682
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 08:22:55 GMT
expires
Sun, 21 Jan 2024 08:22:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3D9C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4e1b03c46ae34daf7c14e7d57a4d07844808fc28acbd442b91dcc407fb9c7fb7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yCXYBYsCSlEzZmArCrA8PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-yCXYBYsCSlEzZmArCrA8PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 17:27:37 GMT
expires
Sat, 21 Jan 2023 17:27:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 800B 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 17:27:37 GMT
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 1788 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 09:07:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3D9C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011701&jk=3706114325189126&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&sid=AcWPiXgAEeTuS4H7&oz_sc=0ccbe9f967fe7c0096bead6b&oz_df=1674322057829&oz_l=13010&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:37 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
/
track.adform.net/serving/unload/ Frame 6ECB 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7748378143796879746@@58174908,4846253968989880832,100|1033|0|0|0|0|0|0|0||131|0|||||1|0|0|4kg-C0q2JO248M5tcwHHbX5S5We_-PW5gPR5B-TcpNGu05eRTueW1hhpnBRkvb3lA7z_uuw_WOM1||1|11|0|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://amenazaytx.site
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 6EB1 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 17:27:38 GMT
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&sid=AcWPiXgAEeTuS4H7&oz_sc=0ccbe9f967fe7c0096bead6b&oz_df=1674322058180&oz_l=134&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:37 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
tracking-event
api.webgains.io/ Frame FCFA 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.22.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-22-21.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.22.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-22-21.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 21 Jan 2023 17:27:38 GMT
server
nginx
syncframe
gum.criteo.com/ Frame D149 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=amenazaytx.site
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 17:27:37 GMT
server
Kestrel
server-processing-duration-in-ticks
675808
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 800B 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 10 Jan 2023 22:25:06 GMT
server
nginx
etag
W/"63bde5c2-162a9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 17:27:38 GMT
checksync.php
contextual.media.net/ Frame EA61 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
51b9777abda8a6ddc4c1ae2e0d25cc908a3fda58b3ccc541bfd77953832dbf7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8210
content-type
text/html; charset=UTF-8
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
Mon, 23 Jan 2023 17:27:38 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame 3711 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43638
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 21 Jan 2023 05:20:21 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-id
BWFlCrN9A2uSBSsoMbP5F-Wr1alW1pcJow2_V9OOz3d5omvsKm_ACw==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame EA53 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 21 Jan 2023 17:27:38 GMT
/
onetag-sys.com/usync/ Frame 2E0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1674322055311
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6C93 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 21 Jan 2023 17:27:38 GMT
ETag
"623de86a-cf34"
Expires
Sun, 22 Jan 2023 17:27:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
tracking-event
api.webgains.io/ Frame FCFA 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.22.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-22-21.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.22.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-22-21.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 21 Jan 2023 17:27:38 GMT
server
nginx
tracking-event
api.webgains.io/ Frame FCFA 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.22.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-22-21.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.22.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-22-21.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 21 Jan 2023 17:27:38 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011701&jk=3706114325189126&bg=!7e6l7qrNAAYDMoyoIzI7ACkAdvg8WqMD7Sbd3iqJHbYFErRvzmX8Y0xo09tpJW2Us25k1yhZNs5CaQIAAABGUgAAAAJoAQcKADW0BtlBbzyUm9ePXsLafStcUIUnu6gs5rV7oXn3Pseyk-uv9NtDr86FAHqKOinG3mm2hONjvZkCoPe7jJ0itVPwp4sqaa5P1zksmILPU5ZkXi5YtmOOzD4Hsui82pXpD-i7OMpnc-miwUUkylhGYUTbe2BlOt7fqb4uqc3x3jKn6Tt-K3QMjSpqvimhUHXx9by21_zgCvCx2oPOu_MjLbE-X6k2Q1lAa8H5P9ukmJ3eR2xDMdZ3s4BMNofn4_MpgV_lcL8zTz4ASTl1IrYP0s7mbPjj94edIolQXxMLslsLmBW_5s0ElB_q8_GSg_ppaRbZEwemT949dP6wb8zbohed-eUSyRaCpqlWZeAlTLc5q_2vx8wMn7p6E0sksDU6hvyeQ8KkI-IEUu-PMZ5cW6agQ-rlVdxkDIJkNBbTrEqvg53RTtuXHVgfynwGtTbnUHDkl0jUNN4gfrCEvmJbrmnC0bg9L13bfEaNYKHpJJrVtLbIoPMzPSKetLHZLu3n5QOeiUuZsvPtyrcDPx88pNWf6WHL0Zxpt_gfHopWD1fxdAXnbPbAmYwspufn3KnRhob6L3MHWb5-skfY9-AfJoXiQT3etl9SDYyHQEptlXjtXtoWkVug70F-S4D8PM05lWDHkXm50OQJu0om43LD4YltwdrNcDc8eE-Yk3zOwsxIr0fHtxpOCmeuj7diePy3Bm9oH35xMJrhL99e8TFit7jeNAiMYt-odcoS5MUBG9mMlchaYd8mWz7jiD7ZJCO3zWcOTcp5blOKctlKYCEpkuKI6zeNd5eoNucA1OFxRpp3-J70gtQp8dT5CBDM-MFu-gJN74_TYZZqeeEdLqH8Dcg8Y1qU8Wtrhawm6_10qpo7itBF3vE_AZ4vhYd6PeRrkWbgrkkFHJuxLBpdiVhkIzqcqYzv9tzAuHIqe_Y4YA_tEGdpEMc74BAeMHeyyvrwMy52GJKFuwrpuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&sid=AcWPiXgAEeTuS4H7&oz_sc=0ccbe9f967fe7c0096bead6b&oz_df=1674322058374&oz_l=13&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:37 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
checksync.php
contextual.media.net/ Frame BBF0 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
51b9777abda8a6ddc4c1ae2e0d25cc908a3fda58b3ccc541bfd77953832dbf7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8210
content-type
text/html; charset=UTF-8
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
Mon, 23 Jan 2023 17:27:38 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame 9735 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 21 Jan 2023 17:27:38 GMT
sync.html
public.servenobid.com/ Frame E0D3 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43638
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 21 Jan 2023 05:20:21 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-id
HaP6e1y-qGYFVxssVBNgEShRpb-dNoRIQ9i8t4GzirpQKGueXN1lVA==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 4155 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1674322055311
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 570F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 21 Jan 2023 17:27:38 GMT
ETag
"623de86a-cf34"
Expires
Sun, 22 Jan 2023 17:27:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sid
mug.criteo.com/ Frame D149
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=amenazaytx.site&sn=ChromeSyncframe&so=0&topUrl=amenazaytx.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=1AsnKHxtZXI3TXVtclRXSWwrbWgweE1CY1JvZ1FpUmovRUlCMng2SHBsMWF0Y3VmZ3ZzbU5ZdEdzUjhuMHhTbFhZWTBOU003SENtd05JRmxxUFNhNGtxMkxSWktvRGt4NWF6b3JnRHZHcHlKRHB2MXRlQ3M1bCswUDNKbz...
444 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1AsnKHxtZXI3TXVtclRXSWwrbWgweE1CY1JvZ1FpUmovRUlCMng2SHBsMWF0Y3VmZ3ZzbU5ZdEdzUjhuMHhTbFhZWTBOU003SENtd05JRmxxUFNhNGtxMkxSWktvRGt4NWF6b3JnRHZHcHlKRHB2MXRlQ3M1bCswUDNKbzFVb3dTRTJwZHpCL3JiMWxHU3RJRHprMnk0Nzd5MCtHbUxjOGFyMHdTTERucHpoN0Z4UWI4VGlvY1FaMVVLZ2k1UFUwWWl1UTdHTERBUy9pMThKa3A0WitjTGFPL0toUzUwUzlNb3NCM3ZGa3dpSmozenVmNFRZOHZBTzA1N214Y01aYmZtNEdaQ3VCcVBTRWl1WmpvVTF4QWNGb1Q2QT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e5298fcbceb1716f86d63af5e44b8ee846aa8accd7003b960a27ebf12de51f8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3793209
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=1AsnKHxtZXI3TXVtclRXSWwrbWgweE1CY1JvZ1FpUmovRUlCMng2SHBsMWF0Y3VmZ3ZzbU5ZdEdzUjhuMHhTbFhZWTBOU003SENtd05JRmxxUFNhNGtxMkxSWktvRGt4NWF6b3JnRHZHcHlKRHB2MXRlQ3M1bCswUDNKbzFVb3dTRTJwZHpCL3JiMWxHU3RJRHprMnk0Nzd5MCtHbUxjOGFyMHdTTERucHpoN0Z4UWI4VGlvY1FaMVVLZ2k1UFUwWWl1UTdHTERBUy9pMThKa3A0WitjTGFPL0toUzUwUzlNb3NCM3ZGa3dpSmozenVmNFRZOHZBTzA1N214Y01aYmZtNEdaQ3VCcVBTRWl1WmpvVTF4QWNGb1Q2QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
369891
content-length
0
expires
0
13926
g2.gumgum.com/usync/ Frame 64E9 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.128.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-128-14.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
27b888c5dd519dbec7ca6bd80844fff9e58b4e19b6736c269a1da33ebfade28e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 21 Jan 2023 17:27:38 GMT
etag
W/"0e6946aadb09a25c561bd4fccf9e8342a"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 910B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 6813 		864 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
444f15ddb7a6437f266adee84d37ce6957a9afdef70d0ce5220cd5a892736f0d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
864
content-type
text/html
date
Sat, 21 Jan 2023 17:27:37 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C4D8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
816 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
095d3f027d8eeed57e059a6036d4f48b8f62c2a63a908a9c51fe2402573a5f01

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78d1c301fa979b33-FRA
content-encoding
br
content-type
text/html
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5Sed6fgP7q3xC4GdOlB8eaWBAJhlj%2FAyWvrcWzvwYuzsSgKGnAnU4EboeXDX%2BR6JkvJM02C%2FB%2BdI8lPBk8YCU29w7G1dDQWWRPCaphdUUEO5yLx3EYEtQxHj0XB7UnSICgZeUntEDMcRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78d1c301ca219b33-FRA
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhdcKG251vITJZuMWS%2BJ0BXMmQmBvYUpZKLiN%2FaypxwsDJ%2B8Vb2Bpm29517q4fvcJpDx2%2FtViUwtOel3tVcwEen27UJ9T0IyftsF5XBm3%2BkZ20GRuLKHbcpzEd0FUHh9PGgsFSoKpltRqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B7F5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Jan 2023 17:27:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F74D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133723
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
Mon, 23 Jan 2023 06:36:21 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 52E6 		0
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sat, 21 Jan 2023 17:27:38 GMT
via
1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
x-amz-cf-id
8i3hcN360sSGRN_6Azwj4Yw-s7egbSUBAI0Nlm429laKGWq7MEDyOA==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 3711
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
  • https://ads.servenobid.com/sync?pid=312&uid=2016046212463888684
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2016046212463888684
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sat, 21 Jan 2023 17:27:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2220ab17-8a10-4141-b336-e723d918d5dc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=2016046212463888684
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 3711
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=GBkXrRZH1u9_9NJ1RwG2L1VO
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GBkXrRZH1u9_9NJ1RwG2L1VO
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=GBkXrRZH1u9_9NJ1RwG2L1VO
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 3711 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:38 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame 3711
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1674322058548
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1055560538
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1055560538
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
etag
RXae5401b143534a83846344beaf694e88003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1055560538
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 3711
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5109685625856370940
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5109685625856370940
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5109685625856370940
Date
Sat, 21 Jan 2023 17:27:38 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 3711 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-161
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 3711
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=35c2f77a-2445-434f-bf1c-55ddfc57adf1&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=35c2f77a-2445-434f-bf1c-55ddfc57adf1&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=35c2f77a-2445-434f-bf1c-55ddfc57adf1&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Sat, 21 Jan 2023 17:27:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 3711
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-sync
sync.adkernel.com/ Frame 3711
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUQ____________ASpTaHR0cHM6Ly...
0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUyAhsOOAE=%26buyeruid%3D%7BUID%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:39 GMT
Server
nginx
Connection
close
Content-Length
0

Redirect headers

location
http://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUyAhsOOAE=%26buyeruid%3D%7BUID%7D
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:39 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 3711
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
0
0
13926
g2.gumgum.com/usync/ Frame 36F5 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.128.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-128-14.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
91719693aaba1c1bce8c2b1e72c389ce290700de2272c9d10a571d2fa338ec0e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 21 Jan 2023 17:27:38 GMT
etag
W/"0d0c6f588329bd1f6d379b4b2326eabdb"
server
nginx
timing-allow-origin
*
sync
ads.servenobid.com/ Frame E0D3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
  • https://ads.servenobid.com/sync?pid=312&uid=2446853442974065804
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2446853442974065804
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sat, 21 Jan 2023 17:27:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
821ff8a5-cdc4-43d1-bd64-6a3b01c48c0e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=2446853442974065804
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame E0D3
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=GBkXrRZHEvNfRciuRfSY9hD5
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GBkXrRZHEvNfRciuRfSY9hD5
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=GBkXrRZHEvNfRciuRfSY9hD5
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame E0D3 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:38 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
onetag-sys.com/usync/ Frame 9474 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 3288 		1016 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
99567af871e6670170ee920f3625ed9d8e3c5c35e4dfa609a13e656bcf78e0a8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
1016
content-type
text/html
date
Sat, 21 Jan 2023 17:27:37 GMT
generic
match.adsrvr.org/track/cmf/ Frame E0D3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1674322058547
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5792525706
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5792525706
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
etag
RXae5401b143534a83846344beaf694e88003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5792525706
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame E0D3
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5107433826115661770
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5107433826115661770
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5107433826115661770
Date
Sat, 21 Jan 2023 17:27:38 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame E0D3 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-103
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame E0D3
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=fdc3ae2b-2a51-4008-89ac-29177a8bf1a1&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=fdc3ae2b-2a51-4008-89ac-29177a8bf1a1&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=fdc3ae2b-2a51-4008-89ac-29177a8bf1a1&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 30B4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f3b6225508385e60fe912919b1afbb766bd99ff912457a1e8923c52b19d67eb

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78d1c301fa8c9b33-FRA
content-encoding
br
content-type
text/html
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jB%2B2TERqntj1TMiDJ0ffMc5gS7x5YnZm%2BaBs2Cyuu7xM0roB1HLZHLn%2FkbAKswEGTvFk6UCGlowrjVpb4wSn%2F69VGzzw1MbdiU0f7jhyAayLZ5IIKPswDJs4gUppN%2Bnrf%2FJBD2g6s9JNUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78d1c301ca239b33-FRA
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSDZQZ3o87YwUUzQpZGVU9KD%2BZp2uy5eYTFMIOWGZ9xcL3%2BkqwC4ir51IIfShB1VvqsfW2M2xPzvV9VcXxSBasoefWyqBvUHH2%2FjWpwZvR7npSy0FNurijT1o9Nm3RoUQqwFUOwjpri0JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame E0D3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame E0D3
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZ...
0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUyAhIGOAE=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-103
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iZjY5NGVhMC02YWI3LTMxNTUtYWQ2Ni1mOTcyZmFkMTZhOTUyAhIGOAE=
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:39 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame E0D3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 68B0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Jan 2023 17:27:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4049 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133723
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
Mon, 23 Jan 2023 06:36:21 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 7046 		0
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sat, 21 Jan 2023 17:27:38 GMT
via
1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
x-amz-cf-id
Man1qyr2o40RZNaeI8umWplou9T0yLvA6OiW0wyVL8DALYW-UWWlRQ==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 6EB1 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 10 Jan 2023 22:25:06 GMT
server
nginx
etag
W/"63bde5c2-162a9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Jan 2023 17:27:38 GMT
async_usersync
ib.adnxs.com/ Frame 6C93 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
AN-X-Request-Uuid
43761807-aea6-4e94-ac2e-50818647e7ee
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HVPFKTV6LZ&gtm=2oe1i0&_p=390999659&cid=190685867.1674322054&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1674322053&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=scroll&epn.percent_scrolled=90&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 570F 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
AN-X-Request-Uuid
ebd8bf68-1c73-4a68-9776-09b40e384b91
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C4D8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y8wgih9Y2mshrupLH00G.AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMXcoprzAcjwcHaVQC8pOhA&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMXcoprzAcjwcHaVQC8pOhA&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMXcoprzAcjwcHaVQC8pOhA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C4D8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V8AN1CFMJM1710QWK0DX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XC0EZEJCPPMT4R7D3YYT
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C4D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF-oac7sCYOdlwSMRAJLqo4&google_cver=1
43 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF-oac7sCYOdlwSMRAJLqo4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGlo7U9PiUCqMKdfPBxGUY1WboPXGPo48SjyLdi8MV9If31bZeVzgJ5p71JQKY7dz%2B99pH8GkLofSOAYV9phWnEc%2BDJBm%2Fmkb30gnXc69l2iqXlVUFn6C32MCUzgWbTOmKZSuEW2cN4vlw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
78d1c302f9cfbb9d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF-oac7sCYOdlwSMRAJLqo4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C4D8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ix
ad4m.at/ad/sim/ Frame C4D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C4D8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
2a05:d018:d29:3605:3a35:c032:6d7e:7081 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB
date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame C4D8
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1689960459&external_user_id=3130712b-89fd-439f-9149-945d790a00c3
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1689960459&external_user_id=3130712b-89fd-439f-9149-945d790a00c3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Sat, 21 Jan 2023 17:27:39 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1689960459&external_user_id=3130712b-89fd-439f-9149-945d790a00c3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame C4D8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2016046212463888684
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2016046212463888684
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 21 Jan 2023 17:27:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bbc8f938-9649-450d-b174-577e5dc953b2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2016046212463888684
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame C4D8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y8wgiheGYhdkCYnE34oOuwAABH0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 30B4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y8wgih9Y2mshrupLH00G.AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMXcoprzAcjwcHaVQC8pOhA&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMXcoprzAcjwcHaVQC8pOhA&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMXcoprzAcjwcHaVQC8pOhA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 30B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8wgih9Y2mshrupLH00G-AAABKQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF-oac7sCYOdlwSMRAJLqo4&google_cver=1
43 B
756 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF-oac7sCYOdlwSMRAJLqo4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnZiM%2FxsUyUtYmjvNIhCOj7E%2BFgZUp0rY4l8LK7XGTHnBx4FPdHuoq6wXhl5g243wSDbRkoq9xm%2BcdhPMykr6kMXjeH3jLdxpfyz6PWnlpn5ckjG9hrAEJJPn2ObzXTS%2B%2FUKLC0qWEASbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
78d1c302f9cabb9d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF-oac7sCYOdlwSMRAJLqo4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 30B4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 30B4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgih9Y2mshrupLH00G-AAABKQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgih9Y2mshrupLH00G-AAABKQAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgih9Y2mshrupLH00G-AAABKQAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YDMJJFBPX7EE1NDYG5ET
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SDK52SWXMJB46AHE8WZN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8wgih9Y2mshrupLH00G-AAABKQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 30B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 30B4
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y8wgih9Y2mshrupLH00G.AAA%261188
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3f0ac86e-38ab-414b-8cd7-82801c91547e-tuctac5a60a
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3f0ac86e-38ab-414b-8cd7-82801c91547e-tuctac5a60a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3f0ac86e-38ab-414b-8cd7-82801c91547e-tuctac5a60a
date
Sat, 21 Jan 2023 17:27:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15289
crum
dsum-sec.casalemedia.com/ Frame 30B4
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6854CB30F65E4DD5AD389BA22166AC37
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6854CB30F65E4DD5AD389BA22166AC37
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6854CB30F65E4DD5AD389BA22166AC37
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 20 Jan 2023 17:27:38 GMT
Y8wgih9Y2mshrupLH00G-AAABKQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 30B4 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y8wgih9Y2mshrupLH00G-AAABKQAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:3a35:c032:6d7e:7081 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ads.servenobid.com/ Frame 30B4 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y8wgih9Y2mshrupLH00G-AAABKQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
syncframe
gum.criteo.com/ Frame D8BE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=amenazaytx.site
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 17:27:38 GMT
server
Kestrel
server-processing-duration-in-ticks
1464651
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 36F5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2016046212463888684
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2016046212463888684
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Sat, 21 Jan 2023 17:27:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
05ab6abc-4206-4a1f-9ef9-50a6cb55e62d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=2016046212463888684
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 36F5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_bf1d19d0-ef0d-405b-a476-b295bf03df76&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=s_vraLf4sGmo-LhotqmlaOT_sW-o8LA75Kw6teZS
  • https://usersync.gumgum.com/usersync?b=bsw&i=70e23e84-137f-4ab6-a53d-3e8ca2211bc8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=70e23e84-137f-4ab6-a53d-3e8ca2211bc8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=70e23e84-137f-4ab6-a53d-3e8ca2211bc8
date
Sat, 21 Jan 2023 17:27:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 36F5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-63406a5f-bca7-40bd-6732-13b1c082dcdd$ip$81.95.5.35
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-63406a5f-bca7-40bd-6732-13b1c082dcdd$ip$81.95.5.35
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-63406a5f-bca7-40bd-6732-13b1c082dcdd$ip$81.95.5.35
Date
Sat, 21 Jan 2023 17:27:39 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 36F5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_bf1d19d0-ef0d-405b-a476-b295bf03df76&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=LeraK709trR-xyHWGVGe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TDFOJQUWNZQHF2HEURNPB4UQV2HKZDWK...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=LeraK709trR-xyHWGVGe&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=LeraK709trR-xyHWGVGe&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=LeraK709trR-xyHWGVGe&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 36F5
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4731530633
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4731530633
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
etag
RXae5401b143534a83846344beaf694e88003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4731530633
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 36F5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=ltcliWkVjCRo&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=ltcliWkVjCRo&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=ltcliWkVjCRo&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-64ccb75b9-plpdz
expires
-1
/
s.ad.smaato.net/c/ Frame 36F5
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%282jIotWoAlcskicmEAemP2gla5hF2fxyTwlAq_5kvbYbRx8e6CXpwpmVHq2dSAP6_%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_f10c5f61-ad5b-405c-968f-7a8479e2e073&obuid=ENC(2jIotWoAlcskicmEAemP2gla5hF2fxyTwlAq_5kvbYbRx8e6CXpwpmVHq2dSAP6_)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DODvWQI8IBkIdwWrxhYICG2O5sRP3cO6rwYHJre8ci5Phdhz4lPA6yoYNLskMlRko%26gd...
0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DODvWQI8IBkIdwWrxhYICG2O5sRP3cO6rwYHJre8ci5Phdhz4lPA6yoYNLskMlRko%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
2600:9000:211a:dc00:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:40 GMT
cache-control
no-cache, must-revalidate
via
1.1 c8710a117c1dfdaea4e9dfc4d41970d2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
pycIV_oWGWFeyklqHDkU6gEHdRa7s5VVXwlOgxPwBPY3NvBefygKvA==
x-cache
FunctionGeneratedResponse from cloudfront

Redirect headers

Location
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DODvWQI8IBkIdwWrxhYICG2O5sRP3cO6rwYHJre8ci5Phdhz4lPA6yoYNLskMlRko%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Date
Sat, 21 Jan 2023 17:27:39 GMT
X-TraceId
5111b282be2cec142f830f73347a86fb
Content-Length
695
Content-Type
application/json
usersync
usersync.gumgum.com/ Frame 36F5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=a792799f-e1dd-4d6f-ad2b-8f5a51106918
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=a792799f-e1dd-4d6f-ad2b-8f5a51106918
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 21 Jan 2023 17:27:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=a792799f-e1dd-4d6f-ad2b-8f5a51106918
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 36F5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3FOWKw9E2pd.m48O.RNmrk41io6MsECACL6p~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-3FOWKw9E2pd.m48O.RNmrk41io6MsECACL6p~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-3FOWKw9E2pd.m48O.RNmrk41io6MsECACL6p~A
content-length
0
usersync
usersync.gumgum.com/ Frame 36F5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=8cd91b7f-5bec-4cdb-9c7d-3b6b815d6b61
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=8cd91b7f-5bec-4cdb-9c7d-3b6b815d6b61
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=8cd91b7f-5bec-4cdb-9c7d-3b6b815d6b61
Date
Sat, 21 Jan 2023 17:27:39 GMT
Connection
keep-alive
X-CI-RTID
fc8799e5-bb6d-4700-91e7-80d7eb43f11e
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 36F5 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
387555733
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 36F5 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 36F5
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=986b257b-0cbb-4dd7-bdd3-a20ad513e047
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=986b257b-0cbb-4dd7-bdd3-a20ad513e047
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=986b257b-0cbb-4dd7-bdd3-a20ad513e047
access-control-allow-origin
*
date
Sat, 21 Jan 2023 17:27:39 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 36F5
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6210925492460689372
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6210925492460689372
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6210925492460689372
date
Sat, 21 Jan 2023 17:27:38 GMT
content-length
0
sync
ads.servenobid.com/ Frame 36F5 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_bf1d19d0-ef0d-405b-a476-b295bf03df76
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 64E9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2016046212463888684
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2016046212463888684
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Sat, 21 Jan 2023 17:27:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e46818e1-dfd1-46a4-8d27-682a723a593d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=2016046212463888684
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 64E9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_f10c5f61-ad5b-405c-968f-7a8479e2e073&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D70e23e84-137f-4ab6-a53d-3e8ca22...
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D70e23e84-137f-4ab6-a53d-3...
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=jwHjvmsY1PjhEu5&expires=30&ssp=gumgum2&bsw_param=70e23e84-137f-4ab6-a53d-3e8ca2211bc8
  • https://usersync.gumgum.com/usersync?b=bsw&i=70e23e84-137f-4ab6-a53d-3e8ca2211bc8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=70e23e84-137f-4ab6-a53d-3e8ca2211bc8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=70e23e84-137f-4ab6-a53d-3e8ca2211bc8
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 64E9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d7af8d80-78c4-43fb-7a8a-8e3d8de89a67$ip$81.95.5.35
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-d7af8d80-78c4-43fb-7a8a-8e3d8de89a67$ip$81.95.5.35
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-d7af8d80-78c4-43fb-7a8a-8e3d8de89a67$ip$81.95.5.35
Date
Sat, 21 Jan 2023 17:27:39 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 64E9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_f10c5f61-ad5b-405c-968f-7a8479e2e073&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=eizd2c8NnurY6bVOfeYy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZLJPJSDEYZYJZXHK4SZGZRFMT3GMVMXS...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=eizd2c8NnurY6bVOfeYy&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=eizd2c8NnurY6bVOfeYy&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=eizd2c8NnurY6bVOfeYy&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 64E9
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8927882975
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8927882975
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
etag
RXae5401b143534a83846344beaf694e88003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8927882975
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 64E9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=SxmWNcUVpwUn&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=SxmWNcUVpwUn&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=SxmWNcUVpwUn&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-64ccb75b9-9dlfr
expires
-1
cookie-sync
sync.outbrain.com/ Frame 64E9
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ODvWQI8IBkIdwWrxhYICG2O5sRP3cO6rwYHJre8ci5Phdhz4lPA6yoYNLskMlRko%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_f10c5f61-ad5b-405c-968f-7a8479e2e073&obuid=ENC(ODvWQI8IBkIdwWrxhYICG2O5sRP3cO6rwYHJre8ci5Phdhz4lPA6yoYNLskMlRko)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7191158490676590734&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7191158490676590734&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7191158490676590734&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING
Date
Sat, 21 Jan 2023 17:27:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
usersync
usersync.gumgum.com/ Frame 64E9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=a792799f-e1dd-4d6f-ad2b-8f5a51106918
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=a792799f-e1dd-4d6f-ad2b-8f5a51106918
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 21 Jan 2023 17:27:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=a792799f-e1dd-4d6f-ad2b-8f5a51106918
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 64E9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3FOWKw9E2pd.m48O.RNmrk41io6MsECACL6p~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-3FOWKw9E2pd.m48O.RNmrk41io6MsECACL6p~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-3FOWKw9E2pd.m48O.RNmrk41io6MsECACL6p~A
content-length
0
usersync
usersync.gumgum.com/ Frame 64E9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=50c81bb0-3200-484b-9110-6c26cd6741e8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=50c81bb0-3200-484b-9110-6c26cd6741e8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=50c81bb0-3200-484b-9110-6c26cd6741e8
Date
Sat, 21 Jan 2023 17:27:39 GMT
Connection
keep-alive
X-CI-RTID
e184664f-42ca-43b5-ba9e-c75f76170384
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 64E9 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
297154105
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 64E9 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:39 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 64E9
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=986b257b-0cbb-4dd7-bdd3-a20ad513e047
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=986b257b-0cbb-4dd7-bdd3-a20ad513e047
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=986b257b-0cbb-4dd7-bdd3-a20ad513e047
access-control-allow-origin
*
date
Sat, 21 Jan 2023 17:27:39 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 64E9
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2034877323966781362
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2034877323966781362
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2034877323966781362
date
Sat, 21 Jan 2023 17:27:38 GMT
content-length
0
sync
ads.servenobid.com/ Frame 64E9 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_f10c5f61-ad5b-405c-968f-7a8479e2e073
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
0.gif
id5-sync.com/i/495/ Frame 9BC6
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 21 Jan 2023 17:27:38 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sat, 21 Jan 2023 17:27:39 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7806 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133723
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
Mon, 23 Jan 2023 06:36:21 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 1825 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 21 Jan 2023 17:27:38 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 11F9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=46b763cc-208a-4f00-ab79-a1bf17620889&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=46b763cc-208a-4f00-ab79-a1bf17620889&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:38 GMT
Expires
Sat, 21 Jan 2023 17:27:37 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 357 2feb0b5 master cdg-pixel-x34 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=46b763cc-208a-4f00-ab79-a1bf17620889&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame CC54
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y8wgigAAA8L1gAAh
  • https://usersync.gumgum.com/usersync?b=atm&i=Y8wgigAAA8L1gAAh&gdpr=0&gdpr_consent=&_test=Y8wgigAAA8L1gAAh
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y8wgigAAA8L1gAAh&gdpr=0&gdpr_consent=&_test=Y8wgigAAA8L1gAAh
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y8wgigAAA8L1gAAh&gdpr=0&gdpr_consent=&_test=Y8wgigAAA8L1gAAh
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220087-HHN
x-timer
S1674322059.886255,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 1E28 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iZjFkMTlkMC1lZjBkLTQwNWItYTQ3Ni1iMjk1YmYwM2RmNzY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 94DD
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=2016046212463888684&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=2016046212463888684brt51571674322058758286f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=2016046212463888684brt51571674322058758286f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Sat, 21 Jan 2023 17:27:38 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=2016046212463888684brt51571674322058758286f1
usersync
usersync.gumgum.com/ Frame 9AC6
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y8wgi8Co5tEAABsZD-sAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y8wgi8Co5tEAABsZD-sAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 21 Jan 2023 17:27:39 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y8wgi8Co5tEAABsZD-sAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
4
X-SO-Cluster-ID
0
X-SO-HostName
m-ad402.dc4p.scaleout.jp
X-SO-IP
81.95.5.35
X-SO-Key
Y8wgi8Co5tEAABsZD-sAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y8wgi8Co5tEAABsZD-sAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad402"}
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad402
usersync
usersync.gumgum.com/ Frame E6C9
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_bf1d19d0-ef0d-405b-a476-b295bf03df76&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=6b792583-8817-4136-854d-4350031db03a
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=6b792583-8817-4136-854d-4350031db03a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sat, 21 Jan 2023 17:27:38 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=6b792583-8817-4136-854d-4350031db03a
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usersync
usersync.gumgum.com/ Frame F6B3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y8wgih9Y2mshrupLH00G.AAA%261188
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y8wgih9Y2mshrupLH00G.AAA%261188
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78d1c302c958bb9d-FRA
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y8wgih9Y2mshrupLH00G.AAA%261188
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NetN9yoK03dx0Za85sF7SRFfA4iTi0Sg%2FTPLMwE9kCY5z57l5hgUHak0QKl7t4xuCMK1eiuw%2FgvfJmCfesRtx2mARBz151dCVGWpCRfC4PUzjeeSqA6ADtCcHh6NQahU4nWvK1t%2BxulvgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C2C5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=ffU6dhiPVn9A68e0CY6L&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=ffU6dhiPVn9A68e0CY6L&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT Sat, 21 Jan 2023 17:27:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=ffU6dhiPVn9A68e0CY6L&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame A1C8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Jan 2023 17:27:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
0.gif
id5-sync.com/i/495/ Frame D812
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 21 Jan 2023 17:27:38 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sat, 21 Jan 2023 17:27:39 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 41E3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133723
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
Mon, 23 Jan 2023 06:36:21 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 121C 		70 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 21 Jan 2023 17:27:38 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 9AC6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=d02763cc-208a-4600-94d6-be2c038cecda&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=d02763cc-208a-4600-94d6-be2c038cecda&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:38 GMT
Expires
Sat, 21 Jan 2023 17:27:37 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 357 2feb0b5 master cdg-pixel-x13 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=d02763cc-208a-4600-94d6-be2c038cecda&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame BD61
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y8wgigAA-aGWRQAb
  • https://usersync.gumgum.com/usersync?b=atm&i=Y8wgigAA-aGWRQAb&gdpr=0&gdpr_consent=&_test=Y8wgigAA-aGWRQAb
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y8wgigAA-aGWRQAb&gdpr=0&gdpr_consent=&_test=Y8wgigAA-aGWRQAb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y8wgigAA-aGWRQAb&gdpr=0&gdpr_consent=&_test=Y8wgigAA-aGWRQAb
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220087-HHN
x-timer
S1674322059.879856,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame E871 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mMTBjNWY2MS1hZDViLTQwNWMtOTY4Zi03YTg0NzllMmUwNzM=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame A6ED
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=2016046212463888684&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=2016046212463888684brt51571674322058758286f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=2016046212463888684brt51571674322058758286f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Sat, 21 Jan 2023 17:27:38 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=2016046212463888684brt51571674322058758286f1
usersync
usersync.gumgum.com/ Frame 8012
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y8wgi8Co5sMAANC0Cj4AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y8wgi8Co5sMAANC0Cj4AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 21 Jan 2023 17:27:39 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y8wgi8Co5sMAANC0Cj4AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad76.dc4p.scaleout.jp
X-SO-IP
81.95.5.35
X-SO-Key
Y8wgi8Co5sMAANC0Cj4AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y8wgi8Co5sMAANC0Cj4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad76"}
X-SO-LB-Hostname
a-tgng40005.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad76
usersync
usersync.gumgum.com/ Frame 8532
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_f10c5f61-ad5b-405c-968f-7a8479e2e073&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=18eb43b6-109d-4bbb-9725-f20e32f07625
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=18eb43b6-109d-4bbb-9725-f20e32f07625
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sat, 21 Jan 2023 17:27:39 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=18eb43b6-109d-4bbb-9725-f20e32f07625
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usersync
usersync.gumgum.com/ Frame E0AB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y8wgih9Y2mshrupLH00G.AAA%261188
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y8wgih9Y2mshrupLH00G.AAA%261188
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78d1c302d98dbb9d-FRA
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y8wgih9Y2mshrupLH00G.AAA%261188
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlJvpbcsIlJWFbB1bDvRHCdAyNJJHGCcF%2Bom%2FiOWhudOnh4QogyueOYk2OnvoKSTEWtDVDz9kJCqO5%2Fu%2FQoF5VK%2BVbX%2Bp3K1XftX5kRDOiDsykHJiS%2Fd53L7b4RjbtiO4iWCmu0OTHA3JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 58A6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=ffU6dhiPVn9A68e0CY6L&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=ffU6dhiPVn9A68e0CY6L&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT Sat, 21 Jan 2023 17:27:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=ffU6dhiPVn9A68e0CY6L&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame D675
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Jan 2023 17:27:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Jan 2023 17:27:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame B7F5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3bf5fbf2eec95da76a21904f6c12b7d4c739d21d1dc29abe8dad4270fbf5a071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Jan 2023 02:40:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33096
Connection
keep-alive
Content-Length
10036
Expires
Sun, 22 Jan 2023 02:39:14 GMT
sid
mug.criteo.com/ Frame D8BE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=amenazaytx.site&sn=ChromeSyncframe&so=3&topUrl=amenazaytx.site&bundle=t70A0l9yNFdZeGlvc0k3JTJGODZGRG9TJTJGRFNOVyUyQjhWY0hPeVc5aWZtaW1wQ1NZ...
  • https://mug.criteo.com/sid?cpp=IyAH7XxlZ2lKWmliVnFyR1B1azBTMGJHdkZXQzBnR1NaRXR6SnVWM0p4WVMwVDc4WHl5WVBRemlFZUMxWEtxOVBjNHZSOEVLWVpjTXNGQ2xzdURNdnpaS2pGeTI0VkFkWG9HYk9CNHNOS1JvR0NSSWtYMlIwdjl1b05NeE...
444 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IyAH7XxlZ2lKWmliVnFyR1B1azBTMGJHdkZXQzBnR1NaRXR6SnVWM0p4WVMwVDc4WHl5WVBRemlFZUMxWEtxOVBjNHZSOEVLWVpjTXNGQ2xzdURNdnpaS2pGeTI0VkFkWG9HYk9CNHNOS1JvR0NSSWtYMlIwdjl1b05NeEswSjRvd2FYMml4bEw3THFVaWhHdnA5NTZHRlBhZm9JdW45S3VRL3ZSdDkya2lKZWFqcVRBZGo5Vk81OU03UjVrbkZmc28vNVF4N2RoaGdiYm5SSjFYWlh4N0dtNmttTFVpRkpHUHFqR0VjeDJwaTNuMFIxZ0dwSkV2N2VkV3F5NENka09DZW9qM2lBblBGeXgzY0dvY3lYUVB0ZTEyYjFTUko1b2ZjaTJnUENQLzVLVXB0ND18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cb15f9e8ec6593a6a918720fdc2cc2e928813dcc6e1c18d4ff8fbb1933bbc535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1656904
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=IyAH7XxlZ2lKWmliVnFyR1B1azBTMGJHdkZXQzBnR1NaRXR6SnVWM0p4WVMwVDc4WHl5WVBRemlFZUMxWEtxOVBjNHZSOEVLWVpjTXNGQ2xzdURNdnpaS2pGeTI0VkFkWG9HYk9CNHNOS1JvR0NSSWtYMlIwdjl1b05NeEswSjRvd2FYMml4bEw3THFVaWhHdnA5NTZHRlBhZm9JdW45S3VRL3ZSdDkya2lKZWFqcVRBZGo5Vk81OU03UjVrbkZmc28vNVF4N2RoaGdiYm5SSjFYWlh4N0dtNmttTFVpRkpHUHFqR0VjeDJwaTNuMFIxZ0dwSkV2N2VkV3F5NENka09DZW9qM2lBblBGeXgzY0dvY3lYUVB0ZTEyYjFTUko1b2ZjaTJnUENQLzVLVXB0ND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
527078
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 3288 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6860278879228630871&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync.php
demand.trafficroots.com/ Frame 3288 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 3288
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d96f3d5c-0bc3-4006-8890-29cf3a92c074&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d96f3d5c-0bc3-4006-8890-29cf3a92c074&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d96f3d5c-0bc3-4006-8890-29cf3a92c074&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1253835
content-length
0
expires
Sat, 21 Jan 2023 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 3288
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08a322040308edb06ef0d5a9&gdpr=0&gdpr_consent=
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08a322040308edb06ef0d5a9&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08a322040308edb06ef0d5a9&gdpr=0&gdpr_consent=
date
Sat, 21 Jan 2023 17:27:38 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3288
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjAzNDg3NzMyMzk2Njc4MTM2Mg==&gdpr=0&gdpr_consent=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjAzNDg3NzMyMzk2Njc4MTM2Mg==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjAzNDg3NzMyMzk2Njc4MTM2Mg==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:37 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
ads.servenobid.com/ Frame 6813 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3163291015038211998&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6813
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjAzNDg3NzMyMzk2Njc4MTM2Mg==&gdpr=0&gdpr_consent=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjAzNDg3NzMyMzk2Njc4MTM2Mg==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjAzNDg3NzMyMzk2Njc4MTM2Mg==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
redir
rtb-csync.smartadserver.com/ Frame 6813
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGsLU7HmEEAACBkRRaruA&gdpr=0
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGsLU7HmEEAACBkRRaruA&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGsLU7HmEEAACBkRRaruA&gdpr=0
Date
Sat, 21 Jan 2023 17:27:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 6813
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=cYBt42f1TJyk&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=cYBt42f1TJyk&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=cYBt42f1TJyk&ev=1&pid=560288&gdpr_consent=&gdpr=0
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-64ccb75b9-22jnq
expires
-1
gjIEMT18
sync-tm.everesttech.net/ct/upi/pid/ Frame 6813
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
85 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y8wgigABHlv1dwAh
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220087-HHN
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
631
x-timer
S1674322059.889686,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
6260

Redirect headers

x-served-by
cache-hhn-etou8220087-HHN
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1674322059.778627,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y8wgigABHlv1dwAh
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B7F5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LD684EPN-1O-2UUQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame A1C8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3bf5fbf2eec95da76a21904f6c12b7d4c739d21d1dc29abe8dad4270fbf5a071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Jan 2023 02:40:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33096
Connection
keep-alive
Content-Length
10036
Expires
Sun, 22 Jan 2023 02:39:14 GMT
usync.js
eus.rubiconproject.com/ Frame D675 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3bf5fbf2eec95da76a21904f6c12b7d4c739d21d1dc29abe8dad4270fbf5a071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Jan 2023 02:40:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33096
Connection
keep-alive
Content-Length
10036
Expires
Sun, 22 Jan 2023 02:39:14 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4049 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71388633&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7a74a00770d76ab0091ab55f696ff3984ce7d586b999535a90d4fb00d646166c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 21 Jan 2023 17:27:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tap.php
pixel.rubiconproject.com/ Frame B7F5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tyu2XHFeN-MaGA_FO7bTkMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PQFRiqxE2oJ_nM719snEvRePy76EIP_eqzzvvg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PQFRiqxE2oJ_nM719snEvRePy76EIP_eqzzvvg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 21 Jan 2023 17:27:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PQFRiqxE2oJ_nM719snEvRePy76EIP_eqzzvvg--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame B7F5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ2ODRFUE4tMU8tMlVVUQ==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ2ODRFUE4tMU8tMlVVUQ==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ2ODRFUE4tMU8tMlVVUQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B7F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmaoMRw2oM_bWhhSw057kI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmaoMRw2oM_bWhhSw057kI&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmaoMRw2oM_bWhhSw057kI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B7F5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OThkYjllNTdkOTgzZGNhZjA4OTAzZTU3ZGUyMzdhMDE5OWZlZWM2Mg
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OThkYjllNTdkOTgzZGNhZjA4OTAzZTU3ZGUyMzdhMDE5OWZlZWM2Mg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OThkYjllNTdkOTgzZGNhZjA4OTAzZTU3ZGUyMzdhMDE5OWZlZWM2Mg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B7F5
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s-u4O4mjQsexTV75sW_-EA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s-u4O4mjQsexTV75sW_-EA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s-u4O4mjQsexTV75sW_-EA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9EVS4H1RPC8TZTW38AB5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s-u4O4mjQsexTV75sW_-EA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame B7F5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame B7F5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD684EPN-1O-2UUQ
0
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD684EPN-1O-2UUQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:38 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 95BB2EFE31624D9399D749D41BBBEFC8 Ref B: DUS30EDGE0418 Ref C: 2023-01-21T17:27:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXyyXuV4iQlBUdXBt80vQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD684EPN-1O-2UUQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B7F5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OQAa6MEVQ-KnhDyoeS0NKw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OQAa6MEVQ-KnhDyoeS0NKw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OQAa6MEVQ-KnhDyoeS0NKw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4VRJ6RCYVK58QK8YDSBE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OQAa6MEVQ-KnhDyoeS0NKw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame A1C8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LD684EPN-1O-2UUQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame 68B0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3bf5fbf2eec95da76a21904f6c12b7d4c739d21d1dc29abe8dad4270fbf5a071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Sat, 21 Jan 2023 17:27:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Jan 2023 02:40:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33096
Connection
keep-alive
Content-Length
10036
Expires
Sun, 22 Jan 2023 02:39:14 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG2SR4CZDE&gtm=2oe1i0&_p=390999659&cid=190685867.1674322054&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1674322054&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=scroll&epn.percent_scrolled=90&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2ZXVHQW49E&gtm=2oe1i0&_p=390999659&cid=190685867.1674322054&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1674322054&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=scroll&epn.percent_scrolled=90&_et=8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 0721 		35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6714FF8F-173D-42C6-859B-C9C2E6553461&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 21 Jan 2023 17:27:39 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 523F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d02763cc-208a-4600-94d6-be2c038cecda&gdpr=0&gdpr_consent=
42 B
402 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d02763cc-208a-4600-94d6-be2c038cecda&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Jan 2023 17:27:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:39 GMT
Expires
Sat, 21 Jan 2023 17:27:38 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 357 2feb0b5 master cdg-pixel-x30 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d02763cc-208a-4600-94d6-be2c038cecda&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 94B0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6313680074340446688
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6313680074340446688
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Jan 2023 17:27:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6313680074340446688
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1945
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Jan 2023 17:27:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 17:27:39 GMT
expires
Sat, 21 Jan 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1285422
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3247 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6714FF8F-173D-42C6-859B-C9C2E6553461&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 21 Jan 2023 17:27:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
G0JRS72YH4WTYRHPQC06
Pug
image2.pubmatic.com/AdServer/ Frame 8E9D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NdE-8DHSZfEu0m3wMINw8GLVZPcu2mWjYoYbh2Xp
42 B
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NdE-8DHSZfEu0m3wMINw8GLVZPcu2mWjYoYbh2Xp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Jan 2023 17:27:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 21 Jan 2023 17:27:39 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NdE-8DHSZfEu0m3wMINw8GLVZPcu2mWjYoYbh2Xp
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
sync
ads.servenobid.com/ Frame 907B 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=6714FF8F-173D-42C6-859B-C9C2E6553461
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sat, 21 Jan 2023 17:27:39 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4049
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZxT_jxc9QsaFm8nC5lU0YQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:39 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=133722
accept-ranges
bytes
content-length
5554
expires
Mon, 23 Jan 2023 06:36:21 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 4049
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6714FF8F-173D-42C6-859B-C9C2E6553461&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 4049
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6714FF8F-173D-42C6-859B-C9C2E6553461&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6714FF8F-173D-42C6-859B-C9C2E6553461&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6714FF8F-173D-42C6-859B-C9C2E6553461&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6714FF8F-173D-42C6-859B-C9C2E6553461&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date
Sat, 21 Jan 2023 17:27:39 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6714FF8F-173D-42C6-859B-C9C2E6553461&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 4049
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjcxNEZGOEYtMTczRC00MkM2LTg1OUItQzlDMkU2NTUzNDYx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 21 Jan 2023 17:27:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4049
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJgdOY4DCiQwBQqnIAyTdpc&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJgdOY4DCiQwBQqnIAyTdpc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 21 Jan 2023 17:27:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJgdOY4DCiQwBQqnIAyTdpc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4049 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 17:27:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 20 Jan 2023 17:27:39 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4049
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7748378143796879746
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7748378143796879746
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 21 Jan 2023 17:27:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 21 Jan 2023 17:27:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7748378143796879746
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 4049 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Jan 2023 17:27:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
async_usersync
ib.adnxs.com/ Frame 6C93 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
AN-X-Request-Uuid
30b20444-e586-487a-a3c9-db3d3b757c31
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 570F 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Jan 2023 17:27:39 GMT
AN-X-Request-Uuid
2cc7dd0c-71ef-4cd0-8746-d742e7f419f4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/ Frame F6D1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.88.0/596918/AcWPiXgAEeTuS4H7/postback?pp=11793&gt=2921044&ci=596918&dm=970x250&c2=15064&ti=43656566482233002141640&dt=5969181520951367361000&pv=ab437893-3012-4a9b-8aa6-e4e0801b976e&si=9019839&pc=286958&di=amenazaytx.site&md=1&c1=2409&to=3&ai=15025&sr=12&cb=1674322054&sid=AcWPiXgAEeTuS4H7&oz_sc=0ccbe9f967fe7c0096bead6b&oz_df=1674322060627&oz_l=279&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 21 Jan 2023 17:27:39 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=339&uid=y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
Domain
demand.trafficroots.com
URL
https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontentvisibilityautostatechange object| _wpemojiSettings object| twemoji object| wp function| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP function| gtag object| dataLayer object| _0x6932 object| _0x21f3 function| _0x48e6 boolean| _purpleAdsDisplayInit object| globalSlots string| purpleadsInstanceId object| purpleadsAgent object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal number| persistclose number| startX number| startY string| verticalpos function| iecompattest function| get_cookie function| closebar function| staticbar function| verifyCallback function| onloadCallback object| Light function| updateDCPAProgress object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| _0x6197 function| ver_enlaces object| interstitialSlot object| googletag object| ggeac object| google_js_reporting_queue object| dataSWP object| pbs object| target object| kadenceConfig object| kadence object| google function| check_ga function| ga function| ADSendWebPushVideo string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms undefined| google_measure_js_timing object| google_reactive_ads_global_state object| gaplugins object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ADAGIO object| _ADAGIO object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| gaData number| _tlTagsPending object| Adform number| barheight function| stayTopLeft object| ftlObj object| GoogleGcLKhOms object| criteo_syncframe_state object| google_image_requests

119 Cookies

Domain/Path Name / Value
.amenazaytx.site/ Name: _ga_HVPFKTV6LZ
Value: GS1.1.1674322053.1.0.1674322053.0.0.0
.amenazaytx.site/ Name: _ga_GG2SR4CZDE
Value: GS1.1.1674322054.1.0.1674322054.0.0.0
.amenazaytx.site/ Name: _ga_2ZXVHQW49E
Value: GS1.1.1674322054.1.0.1674322054.0.0.0
amenazaytx.site/ Name: cookielawinfo-checkbox-necessary
Value: yes
amenazaytx.site/ Name: cookielawinfo-checkbox-functional
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-performance
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-analytics
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-advertisement
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-others
Value: no
amenazaytx.site/ Name: viewed_cookie_policy
Value: yes
.servenobid.com/ Name: cap_559
Value: 10
.prebid.a-mo.net/ Name: __amc
Value: 3_1674322054_1674322055
.doubleclick.net/ Name: IDE
Value: AHWqTUlF7qiIUlcUJdkKC5GO0Y5dacQXii_FYfun6-zFP8YPGAKYKlArwjAd5OJ6GyM
.amenazaytx.site/ Name: _ga
Value: GA1.2.190685867.1674322054
.amenazaytx.site/ Name: _gid
Value: GA1.2.2122155133.1674322055
.amenazaytx.site/ Name: _gat_sendWebPushNetwork
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.amenazaytx.site/ Name: __gads
Value: ID=57d0e0cbe10516d8-2201877a5cdb004d:T=1674322054:S=ALNI_Mb55MVyWUxaNf8HuEaMcaA_tfL18w
.amenazaytx.site/ Name: __gpi
Value: UID=00000ba6f115617a:T=1674322054:RT=1674322054:S=ALNI_MYrFskxmKZJjkFdndeuTptAiK-TIg
.bidswitch.net/ Name: c
Value: 1674322055
.bidswitch.net/ Name: tuuid_lu
Value: 1674322055
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: 70e23e84-137f-4ab6-a53d-3e8ca2211bc8
.adform.net/ Name: uid
Value: 7748378143796879746
.3lift.com/ Name: tluid
Value: 60124170595399612301
.adform.net/ Name: TPC
Value: 1674322056363
.rubiconproject.com/ Name: khaos
Value: LD684EPN-1O-2UUQ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrv28T+e6NRSe69kpEF3Kfh1zzhK/lM5zMbC3bUynIMl3D15xWAwfFAqS1t3jwmwlKKygW4xCR73kTbP1FNfde8
.criteo.com/ Name: uid
Value: d96f3d5c-0bc3-4006-8890-29cf3a92c074
.servenobid.com/ Name: pid_327
Value: fdc3ae2b-2a51-4008-89ac-29177a8bf1a1
.casalemedia.com/ Name: CMPS
Value: 1149
.casalemedia.com/ Name: CMID
Value: Y8wgih9Y2mshrupLH00G.AAA
.casalemedia.com/ Name: CMPRO
Value: 1188
.yahoo.com/ Name: A3
Value: d=AQABBIogzGMCEJEW88GNRFmcXOdnC_QHw68FEgEBAQFyzWPWYwAAAAAA_eMAAA&S=AQAAAusEOj9s8rZCopm6O7x1ljs
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~29jt
.gumgum.com/ Name: vst
Value: e_f10c5f61-ad5b-405c-968f-7a8479e2e073
.servenobid.com/ Name: pid_312
Value: 2016046212463888684
.servenobid.com/ Name: pid_333
Value: Y8wgih9Y2mshrupLH00G-AAABKQAAAIB
.servenobid.com/ Name: pid_337
Value: y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
.servenobid.com/ Name: pid_339
Value: y-NdKxAzNE2uGN7XBXDb8bryH446ivOGn3SsQTQ4w-~A
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ae5401b1-4353-4a83-8463-44beaf694e88-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjM0NDUzMzQ3NxDiM9QtcUwrds2KdDIxSM0CAPM4boYlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjM0NDUzMzQ3NxDiM9QtcUwrds2KdDIxSM0CAPM4boYlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZm5ibGRkYGphZm4BABusz2wQAAAA
.smartadserver.com/ Name: pid
Value: 2034877323966781362
.servenobid.com/ Name: pid_309
Value: e_f10c5f61-ad5b-405c-968f-7a8479e2e073
.openx.net/ Name: i
Value: 8303e2b6-604f-4ace-9086-575ffd675ba3|1674322058
.servenobid.com/ Name: pid_324
Value: 5107433826115661770
.mathtag.com/ Name: uuid
Value: d02763cc-208a-4600-94d6-be2c038cecda
.emxdgt.com/ Name: euid
Value: 51571674322058758286f1
.w55c.net/ Name: wfivefivec
Value: jwHjvmsY1PjhEu5
.adnxs.com/ Name: uuid2
Value: 2446853442974065804
.emxdgt.com/ Name: eapn_id
Value: 2016046212463888684
.ads.pubmatic.com/ Name: KCCH
Value: YES
.w55c.net/ Name: matchbidswitch
Value: 5
.amenazaytx.site/ Name: cto_bundle
Value: YDzVD19yNFdZeGlvc0k3JTJGODZGRG9TJTJGRFNOZXhPajRuNCUyQlZ2NnhlTUFmV1MwQkNpdjJHOUJMTW1wV0NuNHZnWE1USGszQWFXWmwyUWFySXh6NGl2enc0dGFTNnclMkIlMkZadjd0eUt2UjklMkJmOU1EeFJqVGY0NFclMkIzaFFFJTJCak5lRktUMDdzaVNld3hkcGV6VEE0UyUyRjF3ZUpPNXRITFElM0QlM0Q
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y8wgigAAA8L1gAAh
.simpli.fi/ Name: suid
Value: 6854CB30F65E4DD5AD389BA22166AC37
.go.sonobi.com/ Name: HAPLB8S
Value: s85103|Y8wgj
.creativecdn.com/ Name: ts
Value: 1674322058
.creativecdn.com/ Name: u
Value: ffU6dhiPVn9A68e0CY6L
.admanmedia.com/ Name: ac_r
Value: CS71
.quantserve.com/ Name: mc
Value: 63cc208b-00c3a-ca79d-880ad
.bidr.io/ Name: bito
Value: AAGsLU7HmEEAACBkRRaruA
.bidr.io/ Name: bitoIsSecure
Value: ok
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.adotmob.com/ Name: uid
Value: 08a322040308edb06ef0d5a9
.adotmob.com/ Name: uuid
Value: 08a322040308edb06ef0d5a9
.adotmob.com/ Name: partners
Value: SMA%3A1674322058810
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-bf694ea0-6ab7-3155-ad66-f972fad16a95
.admanmedia.com/ Name: admtr
Value: 18eb43b6-109d-4bbb-9725-f20e32f07625
.company-target.com/ Name: tuuid
Value: 3130712b-89fd-439f-9149-945d790a00c3
.company-target.com/ Name: tuuid_lu
Value: 1674322059
.outbrain.com/ Name: obuid
Value: 939028a3-d32e-4930-bd52-23442aaa46e5
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 779972363af63b7a
.360yield.com/ Name: tuuid_lu
Value: 1674322059
.360yield.com/ Name: tuuid
Value: 986b257b-0cbb-4dd7-bdd3-a20ad513e047
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.zemanta.com/ Name: zuid
Value: eizd2c8NnurY6bVOfeYy
.smartadserver.com/ Name: csync
Value: 79:d96f3d5c-0bc3-4006-8890-29cf3a92c074|127:AAGsLU7HmEEAACBkRRaruA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6714FF8F-173D-42C6-859B-C9C2E6553461
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162412:2
.pubmatic.com/ Name: DPSync3
Value: 1675468800%3A201_197_219_221
.pubmatic.com/ Name: SyncRTB3
Value: 1675468800%3A13_251_8_220_56_7_54_161_21%7C1675555200%3A35
.amazon-adsystem.com/ Name: ad-id
Value: A2uZStyUQ0XNo8VIjOzfibU
.quantserve.com/ Name: d
Value: EMIBEgGNKPijD9r7EA
.servenobid.com/ Name: pid_316
Value: 6714FF8F-173D-42C6-859B-C9C2E6553461
.fiftyt.com/ Name: fifid
Value: a97d7d2d-b87c-49fa-5cde-0b8c276da2fb
.fiftyt.com/ Name: cs
Value: MTY3NDMyMjA1OXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fCq9L6t45GzGPqXF1Xw1jl-TEoim05f_2nJYZfs8Da6W
.onaudience.com/ Name: cookie
Value: 003c4be7fbb96ec9
.onaudience.com/ Name: done_redirects147
Value: 1
.bluekai.com/ Name: bku
Value: ikG99/LQpsmfJpTc
.bluekai.com/ Name: bkpa
Value: KJhz06NFLM9z9wOwDtdTXA4yKx8A6DaqLutQCu3UoDvpWP2ZVkMswFt00yTfddvqrSTl1d9U3l2wUHLhRdPrB4d4tfllmPJavZ/ZNgu5M5fbdrsxF6S9WKepyGlljFokqFgKbt7p4Am9OtKLsIXB970IerSimyuT654gVEKU7I4MaFZht9e5nZBJ+X5eseeJ383uAsVzc6AV11WeD1OAn9nNhNz30H7yuCNTpD8zkmEjk8uUG4o23SHX4bJJ7CjJUD3x1zfuGkuiniQsZoHfAVIVjPWOl5Vht3V00AHIUY2kZ+Va/ZWSAWx5Qs67gIleHFwJTaTK+FFxpHQ+w1dfcQOPLkl6
.servenobid.com/ Name: pid_317
Value: 6860278879228630871
.fiftyt.com/ Name: fppm
Value: 20230121172739
.de17a.com/ Name: guid
Value: 1.6313680074340446688
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&aa44baa4-1862-4bf3-8ef1-4345e7774046"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzQzMjIwNTk7MjswMjENUcfUrPpymVQT0yBhdGT+cliXSp9ZPa9hRFcmibcryA==
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2535:u=1:x=1:i=1674322059:t=1674408459:v=2:sig=AQFjpx4EzkGZ4tb-YEJyaq-AQgJZatTb"
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7748378143796879746&KRTB&23263-7748378143796879746
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d02763cc-208a-4600-94d6-be2c038cecda&KRTB&16736-uid:d02763cc-208a-4600-94d6-be2c038cecda&KRTB&23019-uid:d02763cc-208a-4600-94d6-be2c038cecda&KRTB&23114-uid:d02763cc-208a-4600-94d6-be2c038cecda
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-NdE-8DHSZfEu0m3wMINw8GLVZPcu2mWjYoYbh2Xp&KRTB&19420-NdE-8DHSZfEu0m3wMINw8GLVZPcu2mWjYoYbh2Xp&KRTB&22979-NdE-8DHSZfEu0m3wMINw8GLVZPcu2mWjYoYbh2Xp&KRTB&23403-NdE-8DHSZfEu0m3wMINw8GLVZPcu2mWjYoYbh2Xp
.pubmatic.com/ Name: PugT
Value: 1674322059
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEJgdOY4DCiQwBQqnIAyTdpc&KRTB&22987-CAESEJgdOY4DCiQwBQqnIAyTdpc&KRTB&23025-CAESEJgdOY4DCiQwBQqnIAyTdpc&KRTB&23386-CAESEJgdOY4DCiQwBQqnIAyTdpc
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6313680074340446688
.ipredictive.com/ Name: cu
Value: 50c81bb0-3200-484b-9110-6c26cd6741e8|1674322059649
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-63406a5f-bca7-40bd-6732-13b1c082dcdd.tHYopmyJf7yu9vu9puc0%2Bjv%2BlO4sASXT1RL2mhbWrnc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AY0BqX7ynQL1nMhOxwILc3VFfBSM.atEkhNGCZC456XyOMG0eS1AGP4XsaeGPFUk8mZj%2FKNY
.lijit.com/ Name: ljt_reader
Value: GBkXrRZH1u9_9NJ1RwG2L1VO
.servenobid.com/ Name: pid_310
Value: GBkXrRZH1u9_9NJ1RwG2L1VO

29 Console Messages

Source Level URL
Text
javascript warning URL: https://cdn.eswhik.com/npm/theme.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/npm/tags, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/theme.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/npm/tags, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://eswhik.github.io/drive/buttons/z1/config, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/300x250-cpm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/analytics-eswhik, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/reCAPTCHA/sites, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/api-popunder.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/pregressAdTime, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/api/api-eswhik-push, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/copyright-eswhik.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/load-scripts-eswhik-premium.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://eswhik.github.io/drive/buttons/z1/config
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://eswhik.github.io/drive/buttons/z1/config
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://eswhik.github.io/drive/buttons/z1/error, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.eswhik.com/drive/reCAPTCHA/sites
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/progressAd.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/ConfigProgressAd.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-push(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/eswhik-push, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-push(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/eswhik-push, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/tags/eswhik-push
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/eswhik-push.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/022301041800000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
worker error URL: blob:https://amenazaytx.site/a3e3d9fe-211d-4d98-922d-f3521eab9815
Message:
Mixed Content: The page at 'blob:https://amenazaytx.site/a3e3d9fe-211d-4d98-922d-f3521eab9815' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://amenazaytx.site/a3e3d9fe-211d-4d98-922d-f3521eab9815
Message:
Mixed Content: The page at 'blob:https://amenazaytx.site/a3e3d9fe-211d-4d98-922d-f3521eab9815' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

818cc620f3ccaa74b8513e7bc705452d.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad4m.at
ads.pubmatic.com
ads.rubiconproject.com
ads.servenobid.com
adservice.google.com
adservice.google.de
amenazaytx.site
analytics.webgains.io
ap.lijit.com
api.purpleads.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
aud.pubmatic.com
aws-fr-sync.bidswitch.net
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cdn.eswhik.com
cdn.psdn.xyz
cdn.purpleads.io
cdn.sendwebpush.com
cdn.track.production.webgains.team
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
d5p.de17a.com
demand.trafficroots.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eswhik.github.io
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
ghent-aws-fr.bidswitch.net
gum.criteo.com
ib.3lift.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
log.outbrainimg.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.update.3lift.com
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
smarttag.rubiconproject.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ads.servenobid.com
demand.trafficroots.com
104.111.217.14
104.96.145.246
13.32.27.45
13.32.99.54
141.226.228.48
141.94.171.214
141.95.98.64
142.250.186.34
147.75.85.234
151.101.194.49
172.64.154.237
178.250.2.146
178.250.2.151
18.133.22.21
18.156.0.31
18.156.30.226
18.158.8.202
18.169.200.225
18.203.20.80
18.66.15.50
185.183.112.148
185.184.8.90
185.29.134.244
185.64.189.110
185.64.190.80
185.64.190.87
185.80.39.216
185.86.137.133
185.86.139.104
185.89.210.46
193.0.160.128
193.122.130.38
198.148.27.140
198.47.127.19
2.18.235.93
2.19.35.65
20.127.253.7
2001:4860:4802:32::36
202.241.208.55
205.185.216.10
209.54.182.161
213.155.156.180
213.19.147.45
213.19.162.41
216.52.2.30
23.203.124.180
23.203.124.192
23.35.229.181
2600:9000:211a:dc00:1b:5138:8a40:93a1
2600:9000:211a:e200:1f:4c18:bd40:93a1
2606:4700:10::6816:4ae5
2606:4700:20::681a:8a9
2606:4700:20::681a:ad1
2606:4700::6810:7caf
2606:4700::6812:372
2606:50c0:8002::153
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:80b::2001
2a00:1450:4001:811::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2002
2a00:1450:400d:803::2001
2a00:1450:400d:804::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::2004
2a00:1450:400d:807::2008
2a00:1450:400d:808::2003
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2003
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::24
2a02:4780:b:730:0:2ede:94d2:a
2a05:d018:d29:3605:3a35:c032:6d7e:7081
2a06:98c1:3120::c
3.123.192.137
3.126.29.61
3.210.159.45
3.68.24.7
34.107.148.139
34.247.128.14
34.247.233.198
34.248.176.243
34.91.62.186
34.96.71.22
34.98.64.218
35.201.96.126
35.71.131.137
37.157.5.141
37.157.5.72
37.157.6.241
44.205.120.122
51.89.9.253
52.210.29.120
52.95.125.22
54.171.54.65
54.80.89.182
54.88.156.252
64.202.112.159
64.74.236.31
65.9.66.11
65.9.95.20
69.166.1.12
69.173.144.138
69.173.151.100
72.251.249.9
76.223.111.18
77.245.57.72
8.18.47.7
80.77.87.163
85.114.159.93
0121bf42f1b2aa9d0a57f8911e9a80d4744a910ccf8c1363b2ddbcf58765992e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
095d3f027d8eeed57e059a6036d4f48b8f62c2a63a908a9c51fe2402573a5f01
0a4d1b836c2b902736e6390d5ce16ef2fb08b804585c60f4958cc2a23d7b0278
0afa89cb6e2f3db520516d605e1bfcc52b0818c0bacc2ccdbc36a99c1e2b40e3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e3c899ebdaf5b195762425593850487108f4bb5e29fcbc664bf5fab2fcc3a21
0e6e785c644ae75359f83aef8958a50bf81d7fc423f7b1ee94e8fd35ca7f8f33
0f14b612adef254430bdf87ec7405512fe8f5d39de4d789841d1239ef6420492
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
11efe705d4a9171616d487f55fc477e3ba6c5a1e67100f8eb379cfb80507d54b
12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b
149dd54cd14220e57903a2977ea614c70d22289d32f84d1756a6f1e58662ce57
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1d099a3bd04498846916c854ee78d6310c58ba46f4b63751acab6b8fc8ef0b8c
1da32e6a401aef72a58be2d0a1fb4ef2d3e2b964bd9742cd2c99c60e8ad1d764
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
1ed6438bfe41ea5183dba8da3c961dfa38e3090c39d6694fc5dd974f57ca56cf
20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96
22c72dadcee3108bec75726d338589e95b3e4f3800336c966a4f03f62a0ef7a6
240b7c14205d1c51fe63edc40a4da6598071bdb67a0823dcebbc711214d61aa0
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
27b888c5dd519dbec7ca6bd80844fff9e58b4e19b6736c269a1da33ebfade28e
2804abe47f80f47f18c36af50e7bf8e520e37eea1b8426110e8f7b2e0cbf4ce6
29daa0d83abf3a2af7c3d706c94b9ea7f15b519cb7cb949c2375654f34398c41
2cd28b80d9e535057a264ac2c787339c3a6e114da736881003dfd5e98ad3de47
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2ec6225a4e15fce914847fb3a4ac496b393c23cf38f0a614293b0e7311b7c33b
2f4d3d0e7fd1a21de4e275fd70b4ad1c4534abb87f800475966bfd3bff0d56e1
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
34dd97dc4df4b7473a8c722f5ee839300e53b5a2aefb2a051f6066bb93834e68
36c0e61e59f0da1ef6f6d37f2e5e114bed1e19a12ab9506ef90db93a06277235
3a696b72625c76c1c238f9a1f4a84549ab2af6a805ae2dd7c1cac6c429454f1c
3ac890a163802ac2d431d96a0953a1bbcc52fe10a5fcb59ccd4fc4b5b470782d
3bf5fbf2eec95da76a21904f6c12b7d4c739d21d1dc29abe8dad4270fbf5a071
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
444f15ddb7a6437f266adee84d37ce6957a9afdef70d0ce5220cd5a892736f0d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a342884f4e8c074f8361fea7eb474b64e31c45a850b37c12ea9c5c7d18ae7fa
4b54ad58fc8cb4dfbd1aeb1f74296e82573a7db1c570dd5255c2e6878d28f519
4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
4dc4b7e55acd9cfebf785fda170afd378f8f3a3b4c04a9f7c964d5da409b82fc
4e1b03c46ae34daf7c14e7d57a4d07844808fc28acbd442b91dcc407fb9c7fb7
4f0fe033244ded5c7dd431299f5965646bd0e1d111336a0a165967d7f2724405
4fe078f0794b4050d75ff47418e0f03283bd6508cd5b3a59b8e295c3577a438e
4fe5f972980d39ccdab22a40bc98112992bb0f665f5cba63cef65275428e3794
51b9777abda8a6ddc4c1ae2e0d25cc908a3fda58b3ccc541bfd77953832dbf7c
51bb6e5e42da084b36fc157bdc14d6df9a559d918da43fd26bc9ff80d9e1b4d0
54e5a87d0b6a722ce2c8f0950e23f6b8205f391eaf52a4c10c8956b1560d3a52
551e67e644fdfc2b79e4fb37c470badab17fcd3cb54ca781bc109e359cab87d6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e
591346fa989da7e8a68192d91d08a0f676997ece579d3f3621b9942a7f470d38
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b0d4162d50ef77229019246f3635d3d7a7866a051e07e28ac75e30c239c0730
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
5e517ad8e188a0988539134143b8bdd42ae4bbeb66c9fa45fb4407489050d0e8
5e9ee91cda1613fb8a3c5304b1b3f4ca5dc937e0fc73db34971c2361b63d56fa
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626d41d119ae024a150a3f7e4ea85727e04a711cd131b54264f1c44578cfcfd2
6468ef54bea2b35c0beb7606a20b5d4ab57047828382a8e391a9ad597ae6dc51
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
692d3a1345b82c8bde925f3f5c135da778fa34740340aa6deb218d4f9ce414a2
6a1d76d425f41c99d8cff3d7889f0bf86bc1cde398c9e0669f1b396022963d66
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b82df01256e32a7e0225fcd06012bba6d8ea272a96f3e43a5331a059fc170d4
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
6f3b6225508385e60fe912919b1afbb766bd99ff912457a1e8923c52b19d67eb
6f64ac193b8bdfb3e002b22df2b7ea816cba2f2e116202ecf01f8234f75abe7b
708a6d945667538389adeb9c23a11b00454203b2fd404b12895dd1d299a8be17
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7520d7376659fb82408fb03f940ca06a2ae4ba9723394ace502a90d0c06a9da7
7816252ae6607ec390b3c7c0a7223949d21681bd07452c96997ddb4979b56973
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
78e99d887a74e2a58d9264a0a15b2953f5ecb5b70838cbaab5a3869a76f8c706
7a74a00770d76ab0091ab55f696ff3984ce7d586b999535a90d4fb00d646166c
7d05117f03b894bb88e2e11b1c8dc0deef0b45bd2a0ead1a9a7e846ab0e0eb55
7e795e5634a34ae5e0f24f55d93af366b704301789b097f49e6cb8f37cfcf519
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fde7ce58c8978f3beb20f0406165d41a9700189b99b314c9d10220237ecb484
820a1fddd5a609082271df120797fde740e6114eef0efe101b9a57d9158e6036
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e9a2e4876f61521aed687586e4840c65bf58d912a4a381440acf47577ea62c
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84acdcdb100cd0100965d4c5ca2ee738e02f5c72d3a0666beaa7141513c138c8
85a6cc332356088f9a976902c990983024fa33915d0698c64c2b7ce6c8f2f54e
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
896290559ddc780fd56f1eb8c1e8c34c4dda9c7b32a7915d875484491acaac09
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ac459d121d8925bf01df7171ad77cf4d71374605c8eea575b68b2adfc005921
8cb657cb1b7274970d3ccaff6cda82b20c95f1a3357e4fe941ccd90bb3e92ab6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e
91719693aaba1c1bce8c2b1e72c389ce290700de2272c9d10a571d2fa338ec0e
9337d4581e7a2b92236a8b8de8d8170c3fdd70c02533afe58c9a1295b69031d8
93e5feb3023242ae85c1a3c7c47d48b4e047ae150b7612db2c1669ab0ec702b7
97b42f5456d33762968c00d290a9c536564d2cfd693fc15cf81a454d72e06610
99567af871e6670170ee920f3625ed9d8e3c5c35e4dfa609a13e656bcf78e0a8
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
9a531463641125977e3c0db5fb89fde3ecd4b0ac25ea0aceb3c235dd55a5472c
9e3afd8335c2469868818715de35301fc4060c5e54fa0047c0aeae6a9b52fd81
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a08b8f18f9cb1046be5b9546bb0bc3fc718acdf0b4cfb0c244d57c12cc4e916b
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a675db82126493bf9927ab29dba89f77e0e763622eb5f7725af4aa10b204c807
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
aa4cee6d06fb8e1a031b8476c6a85982de78467a45782c2d4dabcf8306238b60
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c
ac34695b72e4e902bba01b5ef320dcd2aa03edf02bfb909a3ca23b9d2607899c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad5d6395683df0773cfe7fa4d5a43d0f80399e6000469783a2dcae9522902986
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b21d3c56aeef3518b68c85bd9781959252945de5eaf59a513a6075ec14448c
b626f538b29b45c89cb8ea1771518cc770d7f6a7f70ce03a1f82ddc737799493
b7d7b4a5ffa1399bbb123047bbed2db51145899e86aad7245900db19c6049232
b94d71810c0fdafa6b0fe136789371d9275ac46703510d6802db6f7e32106e1a
b9e843e63acdf34d5a5edbba301377df7e0089c44be896e2b36e9293227dbcda
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb28d5000b17859dbee113b7ac6558134eaf9ab5bba8b41d48c1610e8804b596
bc4ff10b35a5ba443996e0aa309f63af282a2a81a02e35705430ec21892984dd
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd910a0e75b960acc6dd11ac4d5064f949e2597fdee997ee19b0fd7f55176e56
bdccd30e60dfae2833e120c4a9b8e15b3659c4d52f59d18a22efbb914032b229
be53e65e477f21d0e1df301be1077c090084ff561f2023eff0600841a4433c9c
bf9f723c8119c017afec425fdbe058bd4404e0c5853ff4a72164449d8507a210
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c1e32268b250ca0f8be0cbd217201178eee737fb781a6d99e8150ac8ff4fb95d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4a617bf578d0a7c2d14d37998a1ef73299daeec9efd06156cd9325f799b968c
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb15f9e8ec6593a6a918720fdc2cc2e928813dcc6e1c18d4ff8fbb1933bbc535
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d51d121576ef02bdaad12e896dc6fe50ec7c8c54ffa41511c5cc5c7dbb344e
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d190fcd22bee0b1952bd5d85ab6db8eff58d036a0208f762a4545057894ac559
d1928021ac2964da4cb99e2cb77e08d93d00cfe849c65fbce3587231837b6c29
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
d5e16a83fea1112a157b0757cc50c18680d557bd4e8ab41cecbc8fb2f1b90fc4
d7195d5522c8828139ebb1194841d31af4adfacde3686412dc8980fe2e229387
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
db355226168af7d46d5cef627cd58bac67c728ab4d22e1c6b4a47af69f8b951e
db3c4bd109137190d4a6cdb66954772cf7d0072d3e202fa6ce7ca40a2f70a65e
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
e08ae450b1c82b16bb7d6881208f351630e80eb96dc16ba085470178b8ddc6ae
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e11a1b1adf786512587e757e9b095ffc77770f5a6dbaa66615398bc903fab82e
e30b44b8d21b6e4ce222fc93fc5430d01d42b1844015a43df489b1883e447de3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f011e9a762c0349e2f4aa73435601afa2f5b7c86634b1d13052dee04e9897d
e5298fcbceb1716f86d63af5e44b8ee846aa8accd7003b960a27ebf12de51f8f
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e70a689c7bf85ff2946b25e621149b9df4c2f72c88afabf946c82d3b46ed0eb2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9567220eb5f2b07603aae51a311748502edfa671e807f99196f34af344ef306
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ed4ee8181abeabebe40f5bda586481634ec19b228a8a28f975b3b2296d4d7720
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee5e92ed3a0de89dee381b5e632589f00cda7391453cb06c5410d67350440b1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f1187aaf2d088463fbbbaa64b5f8c3f981297c56c8ce9058084542ae4a3dc62c
f170245e9c00d8853d78f4fe10add0adcc8dd1648d34dfa54a9c3bde2aa6023d
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
f5536aad22eaec75feb7fea986b8f40679daefaf9ad561eb2965c756d474947c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
facd25d708d9c13ecbbee553e7eb9e729075f1e929bb528cad034217135f0692
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fc55ce379042f86a54642c1209dd96cac13d5297445da4b297faf7b2b7c206de