urlscan.io logo urlscan.io
SecurityTrails logo

www.itpro.com Open in urlscan Pro
151.101.66.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.itproportal.com/news/up-to-18000-business-hit-in-solarwinds-hack/
Effective URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Submission: On May 01 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 126 IPs in 7 countries across 128 domains to perform 582 HTTP transactions. The main IP is 151.101.66.114, located in United States and belongs to FASTLY, US. The main domain is www.itpro.com. The Cisco Umbrella rank of the primary domain is 371597.
TLS certificate: Issued by R3 on March 24th 2023. Valid for: 3 months.
This is the only time www.itpro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 151.101.66.114 54113 (FASTLY)
12 8.240.131.250 3356 (LEVEL3)
12 18.164.124.20 16509 (AMAZON-02)
12 151.101.2.114 54113 (FASTLY)
28 8.252.30.250 3356 (LEVEL3)
4 151.101.194.114 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
23 151.139.128.10 20446 (STACKPATH...)
1 18.164.101.60 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
4 99.84.37.44 16509 (AMAZON-02)
1 52.205.167.202 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 52.6.168.233 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
3 4 2600:9000:220... 16509 (AMAZON-02)
1 2600:9000:220... 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:21d... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
9 16 68.67.160.24 29990 (ASN-APPNEX)
1 104.19.150.54 13335 (CLOUDFLAR...)
11 34.107.254.252 396982 (GOOGLE-CL...)
1 185.113.25.52 20596 (FUTURE)
13 2a04:4e42:600... 54113 (FASTLY)
6 2607:f8b0:400... 15169 (GOOGLE)
1 13.35.93.124 16509 (AMAZON-02)
2 4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 108.138.107.138 16509 (AMAZON-02)
1 18.164.116.28 16509 (AMAZON-02)
5 2a03:2880:f11... 32934 (FACEBOOK)
1 152.199.5.228 15133 (EDGECAST)
3 2607:f8b0:400... 15169 (GOOGLE)
2 18.164.94.225 16509 (AMAZON-02)
3 3 8.28.7.81 62713 (AS-PUBMATIC)
2 8.28.7.109 62713 (AS-PUBMATIC)
1 35.190.59.101 15169 (GOOGLE)
1 2a04:4e42::626 54113 (FASTLY)
13 2607:f8b0:400... 15169 (GOOGLE)
2 22 209.54.182.161 16509 (AMAZON-02)
19 2603:c020:400... 31898 (ORACLE-BM...)
9 52.7.9.61 14618 (AMAZON-AES)
1 54.173.145.199 14618 (AMAZON-AES)
2 35.211.165.199 19527 (GOOGLE-2)
2 104.18.24.185 13335 (CLOUDFLAR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 104.36.115.111 62713 (AS-PUBMATIC)
3 2607:f8b0:400... 15169 (GOOGLE)
5 18 35.244.159.8 15169 (GOOGLE)
17 20 35.211.178.172 19527 (GOOGLE-2)
1 5 23.52.158.180 16625 (AKAMAI-AS)
1 1 34.197.160.225 14618 (AMAZON-AES)
3 3 151.101.194.49 54113 (FASTLY)
4 6 2600:1f18:4e9... 14618 (AMAZON-AES)
14 14 3.33.220.150 16509 (AMAZON-02)
22 28 142.251.40.226 15169 (GOOGLE)
5 24 192.40.39.223 27381 (CASALE-MEDIA)
1 1 199.187.193.181 47043 (SMARTADSE...)
12 12 2606:ae80:145... 25751 (VALUECLICK)
5 10 52.6.78.119 14618 (AMAZON-AES)
11 72.247.71.192 16625 (AKAMAI-AS)
18 23.5.102.29 16625 (AKAMAI-AS)
4 7 198.148.27.140 19189 (PULSEPOINT)
9 10 34.200.65.202 14618 (AMAZON-AES)
8 22 52.223.22.214 16509 (AMAZON-02)
2 4 18.164.116.39 16509 (AMAZON-02)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
3 7 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
7 11 69.173.151.100 26667 (RUBICONPR...)
8 8 70.42.32.223 13789 (INTERNAP-...)
4 6 104.72.156.219 16625 (AKAMAI-AS)
2 2 192.132.33.46 18568 (BIDTELLECT)
1 1 54.205.21.165 14618 (AMAZON-AES)
9 9 52.86.16.29 14618 (AMAZON-AES)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 2 34.200.84.78 14618 (AMAZON-AES)
2 2 3.20.111.216 16509 (AMAZON-02)
3 3 18.213.234.27 14618 (AMAZON-AES)
4 4 8.43.72.98 26667 (RUBICONPR...)
4 4 69.175.41.32 32475 (SINGLEHOP...)
1 67.220.228.200 16509 (AMAZON-02)
2 2620:1ec:21::14 8068 (MICROSOFT...)
13 13 199.127.204.171 26120 (RHYTHMONE)
2 104.18.10.47 13335 (CLOUDFLAR...)
1 10 23.221.200.79 16625 (AKAMAI-AS)
1 2606:2800:21f... 15133 (EDGECAST)
3 3 185.167.164.39 198622 (ADFORM)
1 1 199.187.193.202 47043 (SMARTADSE...)
6 6 72.247.65.83 16625 (AKAMAI-AS)
9 9 67.202.105.22 32748 (STEADFAST)
1 2 67.202.105.33 32748 (STEADFAST)
3 51.222.39.184 16276 (OVH)
5 5 68.67.179.164 29990 (ASN-APPNEX)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
2 2 162.248.18.37 62713 (AS-PUBMATIC)
2 7 199.187.193.179 47043 (SMARTADSE...)
1 1 192.96.203.13 30633 (LEASEWEB-...)
3 3 199.38.167.130 54312 (ROCKETFUEL)
1 141.226.224.48 200478 (TABOOLA-AS)
8 8 216.200.232.249 30419 (MEDIAMATH...)
2 2 52.87.62.161 14618 (AMAZON-AES)
1 1 74.119.119.150 19750 (AS-CRITEO)
1 1 35.190.90.30 15169 (GOOGLE)
5 5 35.207.24.140 15169 (GOOGLE)
5 5 34.206.15.1 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 1 107.21.30.255 14618 (AMAZON-AES)
1 13.225.214.50 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.197.1.203 14618 (AMAZON-AES)
2 3 35.227.252.103 15169 (GOOGLE)
2 2 54.147.162.32 14618 (AMAZON-AES)
4 4 207.198.113.86 13768 (COGECO-PEER1)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 16 69.166.1.12 27630 (AS-XFERNET)
6 34.117.239.71 396982 (GOOGLE-CL...)
1 54.164.26.28 14618 (AMAZON-AES)
1 108.138.128.83 16509 (AMAZON-02)
6 2602:803:c001... 26667 (RUBICONPR...)
1 35.174.196.190 14618 (AMAZON-AES)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
2 4 52.73.45.124 14618 (AMAZON-AES)
19 195.244.31.11 63140 (IGUANA-WO...)
2 2 54.85.199.144 14618 (AMAZON-AES)
1 174.137.133.32 27257 (WEBAIR-IN...)
1 1 159.89.246.130 14061 (DIGITALOC...)
1 1 107.22.73.131 14618 (AMAZON-AES)
1 4 54.167.225.48 14618 (AMAZON-AES)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1f18:61c... 14618 (AMAZON-AES)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 18.164.96.35 16509 (AMAZON-02)
1 1 35.214.153.92 15169 (GOOGLE)
1 1 18.219.235.171 16509 (AMAZON-02)
2 4 54.211.43.57 14618 (AMAZON-AES)
1 1 204.62.13.72 46636 (NATCOWEB)
2 2 96.46.186.57 7979 (SERVERS-COM)
1 2607:4f00:957::2 55081 (24SHELLS)
1 1 2600:9000:220... 16509 (AMAZON-02)
2 52.85.61.61 16509 (AMAZON-02)
2 7 23.227.139.243 55081 (24SHELLS)
3 3 52.54.128.17 14618 (AMAZON-AES)
1 1 213.19.162.90 ()
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.16.195 13335 (CLOUDFLAR...)
10 2607:f8b0:400... ()
1 2607:f8b0:400... ()
17 2607:f8b0:400... ()
20 2607:f8b0:400... ()
4 2607:f8b0:400... ()
4 2600:1400:900... ()
6 2607:f8b0:400... ()
2 34.117.158.252 ()
2 142.251.40.194 ()
1 34.117.228.201 ()
3 2607:f8b0:400... ()
1 1 2606:4700:20:... ()
1 2606:4700:20:... ()
1 2606:4700:20:... ()
1 34.242.149.101 ()
2 7 34.111.234.236 ()
1 3.214.24.142 ()
2 2001:4860:480... ()
2 3 52.55.144.0 ()
2 2606:4700:20:... ()
1 142.251.35.166 ()
5 54.77.80.62 ()
2 130.211.23.194 ()
1 2600:9000:251... ()
1 151.101.193.108 ()
582 126
3    151.101.66.114 (United States)

ASN54113 (FASTLY, US)
www.itproportal.com
www.itpro.com
12    8.240.131.250 (United States)

ASN3356 (LEVEL3, US)
cdn.mos.cms.futurecdn.net
12    18.164.124.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-20.jfk50.r.cloudfront.net
cdn.privacy-mgmt.com
12    151.101.2.114 (United States)

ASN54113 (FASTLY, US)
search-api.fie.futurecdn.net
28    8.252.30.250 (United States)

ASN3356 (LEVEL3, US)
vanilla.futurecdn.net
mos.fie.futurecdn.net
4    151.101.194.114 (United States)

ASN54113 (FASTLY, US)
slice.vanilla.futurecdn.net
1    2606:4700::6812:1af (United States)

ASN13335 (CLOUDFLARENET, US)
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
23    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
freyr.futurecdn.net
bordeaux.futurecdn.net
champagne.futurecdn.net
ads.servebom.com
pixel.servebom.com
1    18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net
cdn.parsely.com
6    2607:f8b0:4006:81f::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    99.84.37.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-44.ewr52.r.cloudfront.net
uk-script.dotmetrics.net
1    52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com
p1.parsely.com
1    2607:f8b0:4006:80d::200e (New York, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    52.6.168.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-168-233.compute-1.amazonaws.com
sommelier.futurehybrid.tech
1    2607:f8b0:4006:822::200e (New York, United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
4    2600:9000:2209:8a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
1    2600:9000:2209:7600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
3    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:21dd:f000:d:5ce3:a4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rm-script.dotmetrics.net
3    2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co
16    68.67.160.24 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
11    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    185.113.25.52 (London, United Kingdom)

ASN20596 (FUTURE, GB)
search-api.fie.future.net.uk
13    2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
prd.jwpltx.com
6    2607:f8b0:4006:807::2002 (New York, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    13.35.93.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-124.jfk50.r.cloudfront.net
cdn.adsafeprotected.com
4    2607:f8b0:4006:817::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4006:808::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    18.164.116.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-28.jfk50.r.cloudfront.net
ats-wrapper.privacymanager.io
5    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    152.199.5.228 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
3    2607:f8b0:4006:80c::200a (New York, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    18.164.94.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-94-225.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
3    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    8.28.7.109 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
1    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
13    2607:f8b0:4006:807::2006 (New York, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
22    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
19    2603:c020:400d:3000:67b7:1059:7283:c690 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
jwplayer.technoratimedia.com
sync.technoratimedia.com
uat-net.technoratimedia.com
9    52.7.9.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-9-61.compute-1.amazonaws.com
vpb-server.jwplayer.com
1    54.173.145.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-145-199.compute-1.amazonaws.com
prebid-server.rubiconproject.com
2    35.211.165.199 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
2    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    2607:f8b0:4006:822::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
18    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
20    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
5    23.52.158.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-158-180.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
c21lg-d.media.net
1    34.197.160.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-160-225.compute-1.amazonaws.com
jadserve.postrelease.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    2600:1f18:4e9:5a05:b3d5:d2d1:9b49:f7b1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
14    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
28    142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
cm.g.doubleclick.net
24    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
12    2606:ae80:1450:16::2040 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
synacor-match.dotomi.com
medianet-match.dotomi.com
33across-match.dotomi.com
purch-match.dotomi.com
10    52.6.78.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-78-119.compute-1.amazonaws.com
match.sharethrough.com
11    72.247.71.192 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-71-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
18    23.5.102.29 (Toronto, Canada)

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-102-29.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
10    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
22    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
4    18.164.116.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-39.jfk50.r.cloudfront.net
sb.scorecardresearch.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
8    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
6    104.72.156.219 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-72-156-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
1    54.205.21.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-21-165.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
9    52.86.16.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-16-29.compute-1.amazonaws.com
match.prod.bidr.io
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    34.200.84.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-84-78.compute-1.amazonaws.com
um2.eqads.com
2    3.20.111.216 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-111-216.us-east-2.compute.amazonaws.com
x.videobyte.com
3    18.213.234.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-234-27.compute-1.amazonaws.com
ad.360yield.com
4    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    69.175.41.32 (Yorktown Heights, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
ap.lijit.com
1    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
13    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
10    23.221.200.79 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-79.deploy.static.akamaitechnologies.com
contextual.media.net
1    2606:2800:21f:2cf1:7be6:911:71d9:25f7 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
3    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    199.187.193.202 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-global.smartadserver.com
6    72.247.65.83 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-65-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
9    67.202.105.22 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
2    67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
3    51.222.39.184 (Canada)

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net
onetag-sys.com
5    68.67.179.164 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
7    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
1    192.96.203.13 (Fort Scott, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
3    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
8    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    52.87.62.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-62-161.compute-1.amazonaws.com
pm.w55c.net
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
5    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
5    34.206.15.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-15-1.compute-1.amazonaws.com
i.liadm.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    107.21.30.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-30-255.compute-1.amazonaws.com
mid.rkdms.com
1    13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net
aa.agkn.com
1    2606:4700::6812:16ea (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    34.197.1.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-1-203.compute-1.amazonaws.com
aorta.clickagy.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    54.147.162.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-162-32.compute-1.amazonaws.com
sync.ipredictive.com
4    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
16    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
purch-sync.go.sonobi.com
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    54.164.26.28 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-26-28.compute-1.amazonaws.com
tlx.3lift.com
1    108.138.128.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-83.jfk50.r.cloudfront.net
hb.undertone.com
6    2602:803:c001::200:144 (San Jose, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    35.174.196.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-196-190.compute-1.amazonaws.com
pixel.adsafeprotected.com
2    2600:1f18:612b:4200:c281:cce8:5ab8:dc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
qds0l.publishers.tremorhub.com
4    52.73.45.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-45-124.compute-1.amazonaws.com
sync.bfmio.com
19    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
visitor-usa02.omnitagjs.com
2    54.85.199.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-199-144.compute-1.amazonaws.com
ads.creative-serving.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
1    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
1    107.22.73.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-73-131.compute-1.amazonaws.com
nep.advangelists.com
4    54.167.225.48 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-225-48.compute-1.amazonaws.com
dpm.demdex.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2600:1f18:61c0:2204:f195:b922:3681:7158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    18.164.96.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-35.jfk50.r.cloudfront.net
api-2-0.spot.im
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
1    18.219.235.171 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-235-171.us-east-2.compute.amazonaws.com
sync.adotmob.com
4    54.211.43.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-43-57.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
2    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    2607:4f00:957::2 (United States)

ASN55081 (24SHELLS, US)
s.spotim.market
1    2600:9000:2209:e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    52.85.61.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-61.ewr53.r.cloudfront.net
geo.privacymanager.io
7    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
3    52.54.128.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-128-17.compute-1.amazonaws.com
sync.crwdcntrl.net
1    213.19.162.90 (None, )

ASN- ()
pixel-eu.rubiconproject.com
1    2607:f8b0:4006:822::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:809::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2607:f8b0:4006:817::2001 (New York, United States)

ASN15169 (GOOGLE, US)
f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
2    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
1    104.18.16.195 (None, )

ASN13335 (CLOUDFLARENET, US)
www.dianomi.com
10    2607:f8b0:4006:820::2001 (None, )

ASN- ()
cdn.ampproject.org
1    2607:f8b0:4006:81d::200a (None, )

ASN- ()
fonts.googleapis.com
17    2607:f8b0:4006:821::2001 (None, )

ASN- ()
tpc.googlesyndication.com
20    2607:f8b0:4006:824::2002 (None, )

ASN- ()
pagead2.googlesyndication.com
4    2607:f8b0:4006:81e::2002 (None, )

ASN- ()
www.googletagservices.com
4    2600:1400:9000::687e:769b (None, )

ASN- ()
cdn.doubleverify.com
6    2607:f8b0:4006:80c::2002 (None, )

ASN- ()
googleads.g.doubleclick.net
2    34.117.158.252 (None, )

ASN- ()
rtb0.doubleverify.com
rtbc-uw2.doubleverify.com
2    142.251.40.194 (None, )

ASN- ()
googleads4.g.doubleclick.net
1    34.117.228.201 (None, )

ASN- ()
tps.doubleverify.com
3    2607:f8b0:4006:80d::2008 (None, )

ASN- ()
www.googletagmanager.com
1    2606:4700:20::681a:832 (None, )

ASN- ()
futureplc-com.videoplayerhub.com
1    2606:4700:20::681a:78b (None, )

ASN- ()
btloader.com
1    2606:4700:20::681a:d12 (None, )

ASN- ()
cdn.brandmetrics.com
1    34.242.149.101 (None, )

ASN- ()
p.cpx.to
7    34.111.234.236 (None, )

ASN- ()
ml314.com
1    3.214.24.142 (None, )

ASN- ()
in.ml314.com
2    2001:4860:4802:32::181 (None, )

ASN- ()
analytics.google.com
3    52.55.144.0 (None, )

ASN- ()
ps.eyeota.net
2    2606:4700:20::681a:246 (None, )

ASN- ()
ad-delivery.net
1    142.251.35.166 (None, )

ASN- ()
ad.doubleclick.net
5    54.77.80.62 (None, )

ASN- ()
s.cpx.to
2    130.211.23.194 (None, )

ASN- ()
api.btloader.com
1    2600:9000:2511:4600:1f:2473:9080:93a1 (None, )

ASN- ()
cdn.undertone.com
1    151.101.193.108 (None, )

ASN- ()
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
60 futurecdn.net
cdn.mos.cms.futurecdn.net — Cisco Umbrella Rank: 18072
search-api.fie.futurecdn.net — Cisco Umbrella Rank: 28199
vanilla.futurecdn.net — Cisco Umbrella Rank: 21269
slice.vanilla.futurecdn.net — Cisco Umbrella Rank: 25624
freyr.futurecdn.net — Cisco Umbrella Rank: 21074
bordeaux.futurecdn.net — Cisco Umbrella Rank: 23240
champagne.futurecdn.net — Cisco Umbrella Rank: 24898
mos.fie.futurecdn.net — Cisco Umbrella Rank: 32974
1 MB
47 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1275
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
pixel-eu.rubiconproject.com
111 KB
46 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net
228 KB
40 googlesyndication.com
f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
257 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
78 KB
26 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 768
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
20 KB
23 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 535
tlx.3lift.com — Cisco Umbrella Rank: 797
11 KB
22 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1416
x.bidswitch.net — Cisco Umbrella Rank: 427
9 KB
22 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
acdn.adnxs.com
40 KB
21 openx.net
u.openx.net — Cisco Umbrella Rank: 974
us-u.openx.net — Cisco Umbrella Rank: 707
rtb.openx.net — Cisco Umbrella Rank: 1886
4 KB
20 technoratimedia.com
jwplayer.technoratimedia.com — Cisco Umbrella Rank: 38420
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 8025
sync.technoratimedia.com — Cisco Umbrella Rank: 2037
uat-net.technoratimedia.com — Cisco Umbrella Rank: 5110
29 KB
20 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 1037
aud.pubmatic.com — Cisco Umbrella Rank: 9991
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729
ads.pubmatic.com — Cisco Umbrella Rank: 725
image2.pubmatic.com — Cisco Umbrella Rank: 1377
image8.pubmatic.com Failed
62 KB
19 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1151
visitor-usa02.omnitagjs.com — Cisco Umbrella Rank: 5433
5 KB
19 servebom.com
ads.servebom.com — Cisco Umbrella Rank: 16923
pixel.servebom.com — Cisco Umbrella Rank: 17451
6 KB
16 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1456
purch-sync.go.sonobi.com — Cisco Umbrella Rank: 33768
16 KB
16 media.net
prebid.media.net — Cisco Umbrella Rank: 1912
cs.media.net — Cisco Umbrella Rank: 2272
contextual.media.net — Cisco Umbrella Rank: 838
hbx.media.net — Cisco Umbrella Rank: 2144
c21lg-d.media.net — Cisco Umbrella Rank: 3606
37 KB
15 33across.com
pixel.33across.com — Cisco Umbrella Rank: 5040
ssc-cms.33across.com — Cisco Umbrella Rank: 1678
events-ssc.33across.com — Cisco Umbrella Rank: 4327
6 KB
15 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
6 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
7 KB
14 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2945
entitlements.jwplayer.com — Cisco Umbrella Rank: 3874
vpb-server.jwplayer.com — Cisco Umbrella Rank: 24777
16 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
222 KB
12 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 8170
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 10516
synacor-match.dotomi.com — Cisco Umbrella Rank: 11086
medianet-match.dotomi.com — Cisco Umbrella Rank: 12422
33across-match.dotomi.com — Cisco Umbrella Rank: 7205
purch-match.dotomi.com — Cisco Umbrella Rank: 31943
4 KB
12 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3232
api.permutive.com — Cisco Umbrella Rank: 2596
199 KB
12 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4131
62 KB
10 ampproject.org
cdn.ampproject.org
218 KB
10 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
6 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
7 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
5 KB
9 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 5678
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2556
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
4 KB
8 ml314.com
ml314.com
in.ml314.com
13 KB
8 spotim.market
s.spotim.market — Cisco Umbrella Rank: 7968
sync.spotim.market — Cisco Umbrella Rank: 3824
5 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
4 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
5 KB
8 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2781
386 KB
8 google.com
ampcid.google.com — Cisco Umbrella Rank: 2680
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 130
analytics.google.com
2 KB
7 doubleverify.com
cdn.doubleverify.com
rtb0.doubleverify.com
tps.doubleverify.com
rtbc-uw2.doubleverify.com
126 KB
7 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1007
idsync.rlcdn.com — Cisco Umbrella Rank: 621
1 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
6 KB
6 cpx.to
p.cpx.to
s.cpx.to
6 KB
6 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 842
tags.bluekai.com — Cisco Umbrella Rank: 822
3 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 891
3 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1505
2 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
264 B
5 google.ca
ampcid.google.ca — Cisco Umbrella Rank: 113793
www.google.ca — Cisco Umbrella Rank: 8003
adservice.google.ca — Cisco Umbrella Rank: 14238
1 KB
5 dotmetrics.net
uk-script.dotmetrics.net — Cisco Umbrella Rank: 4062
rm-script.dotmetrics.net — Cisco Umbrella Rank: 5359
21 KB
4 googletagservices.com
www.googletagservices.com
127 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
2 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
3 KB
4 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2570
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
3 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955
2 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
d.turn.com — Cisco Umbrella Rank: 1830
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
3 KB
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 520
fonts.googleapis.com
348 KB
3 eyeota.net
ps.eyeota.net
2 KB
3 btloader.com
btloader.com
api.btloader.com
8 KB
3 googletagmanager.com
www.googletagmanager.com
178 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
2 KB
3 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3204
140 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
2 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
dis.criteo.com — Cisco Umbrella Rank: 941
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 908
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 812
951 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 695
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
778 B
3 gstatic.com
www.gstatic.com
29 KB
3 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3884
171 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4791
geo.privacymanager.io — Cisco Umbrella Rank: 2374
122 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
244 KB
2 ad-delivery.net
ad-delivery.net
1 KB
2 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3572
71 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2547
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 682
766 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5985
1 KB
2 tremorhub.com
qds0l.publishers.tremorhub.com — Cisco Umbrella Rank: 34746
698 B
2 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4595
cdn.undertone.com
usr.undertone.com Failed
4 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1318
963 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1332
1 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 2690
hde.tynt.com — Cisco Umbrella Rank: 6065
3 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 958
3 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
873 B
2 videobyte.com
x.videobyte.com — Cisco Umbrella Rank: 10840
396 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 4708
563 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1329
715 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1156
879 B
2 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 4712
pixel.adsafeprotected.com — Cisco Umbrella Rank: 982
8 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3747
p1.parsely.com — Cisco Umbrella Rank: 3160
19 KB
2 itpro.com
www.itpro.com — Cisco Umbrella Rank: 371597
93 KB
1 brandmetrics.com
cdn.brandmetrics.com
1 videoplayerhub.com
futureplc-com.videoplayerhub.com
461 B
1 dianomi.com
www.dianomi.com — Cisco Umbrella Rank: 10976
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1005
551 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3435
542 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2233
750 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1427
284 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 3823
192 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1979
181 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 8285
183 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 6137
372 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1939
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 2294
281 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 413
669 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 3152
435 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 2696
557 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 775
657 B
1 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1848
552 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1646
639 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1356
231 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 4618
426 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2579
364 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2452
559 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 6011
391 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1859
537 B
1 skimresources.com
r.skimresources.com — Cisco Umbrella Rank: 4041
387 B
1 future.net.uk
search-api.fie.future.net.uk — Cisco Umbrella Rank: 44369
97 KB
1 prmutv.co
6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co — Cisco Umbrella Rank: 39917
393 B
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 4337
44 KB
1 futurehybrid.tech
sommelier.futurehybrid.tech — Cisco Umbrella Rank: 24131
3 KB
1 permutive.app
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app — Cisco Umbrella Rank: 23587
268 KB
1 itproportal.com
www.itproportal.com
762 B
0 krxd.net Failed
beacon.krxd.net Failed
0 addthis.com Failed
cw.addthis.com Failed
0 bnmla.com Failed
match.bnmla.com Failed
0 smrtb.com Failed
ssl-market-east.smrtb.com Failed
582 128
Domain Requested by
28 cm.g.doubleclick.net 22 redirects u.openx.net
www.itpro.com
eb2.3lift.com
googleads.g.doubleclick.net
27 vanilla.futurecdn.net www.itpro.com
vanilla.futurecdn.net
22 eb2.3lift.com 8 redirects ad-cdn.technoratimedia.com
eb2.3lift.com
bordeaux.futurecdn.net
22 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
match.sharethrough.com
bh.contextweb.com
ssum-sec.casalemedia.com
www.itpro.com
eb2.3lift.com
20 pagead2.googlesyndication.com f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.itpro.com
www.googletagservices.com
20 x.bidswitch.net 17 redirects www.itpro.com
us-u.openx.net
19 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
um2.eqads.com
googleads.g.doubleclick.net
18 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
ssl.p.jwpcdn.com
ad-cdn.technoratimedia.com
hde.tynt.com
bordeaux.futurecdn.net
visitor.omnitagjs.com
cdn.undertone.com
17 tpc.googlesyndication.com www.itpro.com
f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
16 pixel.servebom.com www.itpro.com
bordeaux.futurecdn.net
ssum-sec.casalemedia.com
visitor.omnitagjs.com
16 ib.adnxs.com 9 redirects 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
bordeaux.futurecdn.net
googleads.g.doubleclick.net
eb2.3lift.com
acdn.adnxs.com
15 sync.go.sonobi.com 1 redirects bordeaux.futurecdn.net
www.itpro.com
15 us-u.openx.net 4 redirects u.openx.net
ad-cdn.technoratimedia.com
us-u.openx.net
cdn.undertone.com
14 visitor.omnitagjs.com bordeaux.futurecdn.net
visitor.omnitagjs.com
ssbsync.smartadserver.com
s.spotim.market
www.itpro.com
14 match.adsrvr.org 14 redirects
13 s0.2mdn.net imasdk.googleapis.com
www.itpro.com
s0.2mdn.net
12 sync.technoratimedia.com ad-cdn.technoratimedia.com
us-u.openx.net
eb2.3lift.com
hde.tynt.com
12 search-api.fie.futurecdn.net www.itpro.com
search-api.fie.futurecdn.net
12 cdn.privacy-mgmt.com www.itpro.com
cdn.privacy-mgmt.com
12 cdn.mos.cms.futurecdn.net www.itpro.com
11 ads.pubmatic.com s.amazon-adsystem.com
ssl.p.jwpcdn.com
ad-cdn.technoratimedia.com
contextual.media.net
bordeaux.futurecdn.net
visitor.omnitagjs.com
s.spotim.market
ads.pubmatic.com
11 api.permutive.com 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 contextual.media.net 1 redirects ssl.p.jwpcdn.com
contextual.media.net
10 match.sharethrough.com 5 redirects s.amazon-adsystem.com
match.sharethrough.com
9 sync.1rx.io 9 redirects
9 match.prod.bidr.io 9 redirects
9 ups.analytics.yahoo.com 8 redirects u.openx.net
cdn.undertone.com
9 vpb-server.jwplayer.com ssl.p.jwpcdn.com
u.openx.net
www.itpro.com
8 ssc-cms.33across.com 8 redirects
8 sync.mathtag.com 8 redirects
8 b1sync.zemanta.com 8 redirects
8 ssl.p.jwpcdn.com content.jwplatform.com
7 ml314.com 2 redirects www.itpro.com
ml314.com
7 sync.spotim.market 2 redirects s.spotim.market
7 bh.contextweb.com 4 redirects s.amazon-adsystem.com
bh.contextweb.com
6 googleads.g.doubleclick.net f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
www.itpro.com
pagead2.googlesyndication.com
6 fastlane.rubiconproject.com bordeaux.futurecdn.net
6 events-ssc.33across.com hde.tynt.com
ad-cdn.technoratimedia.com
6 secure-assets.rubiconproject.com 6 redirects
6 pixel.rubiconproject.com 3 redirects www.itpro.com
6 pr-bh.ybp.yahoo.com 4 redirects u.openx.net
ssum-sec.casalemedia.com
6 securepubads.g.doubleclick.net bordeaux.futurecdn.net
securepubads.g.doubleclick.net
www.itpro.com
6 www.google-analytics.com www.itpro.com
www.google-analytics.com
5 s.cpx.to p.cpx.to
www.itpro.com
5 visitor-usa02.omnitagjs.com visitor.omnitagjs.com
5 i.liadm.com 5 redirects
5 rtb.mfadsrvr.com 5 redirects
5 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
5 secure.adnxs.com 5 redirects
5 uat-net.technoratimedia.com ad-cdn.technoratimedia.com
5 token.rubiconproject.com 4 redirects s.amazon-adsystem.com
5 stags.bluekai.com 4 redirects us-u.openx.net
5 id.rlcdn.com 2 redirects contextual.media.net
us-u.openx.net
visitor.omnitagjs.com
5 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
bordeaux.futurecdn.net
cdn.undertone.com
5 www.facebook.com www.itpro.com
4 cdn.doubleverify.com f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
cdn.doubleverify.com
s0.2mdn.net
www.itpro.com
4 www.googletagservices.com f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
4 sync.srv.stackadapt.com 2 redirects eb2.3lift.com
4 dpm.demdex.net 1 redirects www.itpro.com
cdn.undertone.com
4 sync.bfmio.com 2 redirects bordeaux.futurecdn.net
sync.bfmio.com
4 pixel-sync.sitescout.com 4 redirects
4 sync.targeting.unrulymedia.com 4 redirects
4 ap.lijit.com 4 redirects
4 pixel-us-east.rubiconproject.com 4 redirects
4 sb.scorecardresearch.com 2 redirects www.itpro.com
4 www.google.com 2 redirects www.itpro.com
4 cdn.jwplayer.com 3 redirects vanilla.futurecdn.net
4 uk-script.dotmetrics.net www.itpro.com
uk-script.dotmetrics.net
4 slice.vanilla.futurecdn.net www.itpro.com
3 ps.eyeota.net 2 redirects www.itpro.com
3 www.googletagmanager.com www.itpro.com
www.googletagmanager.com
3 f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 sync.crwdcntrl.net 3 redirects
3 prd.jwpltx.com www.itpro.com
3 rtb.openx.net 2 redirects us-u.openx.net
3 p.rfihub.com 3 redirects
3 onetag-sys.com ad-cdn.technoratimedia.com
visitor.omnitagjs.com
s.spotim.market
3 c1.adform.net 3 redirects
3 ad.360yield.com 3 redirects
3 ad.turn.com 3 redirects
3 pixel.tapad.com 2 redirects u.openx.net
3 sync-tm.everesttech.net 3 redirects
3 cs.media.net 1 redirects contextual.media.net
3 u.openx.net 1 redirects ssl.p.jwpcdn.com
s.amazon-adsystem.com
3 www.gstatic.com content.jwplatform.com
www.gstatic.com
3 assets-jpcust.jwpsrv.com www.itpro.com
3 image6.pubmatic.com 3 redirects
3 imasdk.googleapis.com content.jwplatform.com
imasdk.googleapis.com
vanilla.futurecdn.net
3 c.amazon-adsystem.com bordeaux.futurecdn.net
c.amazon-adsystem.com
3 www.google.ca www.itpro.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 connect.facebook.net www.itpro.com
connect.facebook.net
3 ads.servebom.com bordeaux.futurecdn.net
champagne.futurecdn.net
2 api.btloader.com futureplc-com.videoplayerhub.com
2 ad-delivery.net www.itpro.com
2 analytics.google.com www.googletagmanager.com
2 googleads4.g.doubleclick.net www.itpro.com
2 cdn.onesignal.com www.itpro.com
cdn.onesignal.com
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 ads.betweendigital.com 2 redirects
2 creativecdn.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects visitor.omnitagjs.com
2 ads.creative-serving.com 2 redirects
2 qds0l.publishers.tremorhub.com 2 redirects
2 purch-match.dotomi.com 2 redirects
2 33across-match.dotomi.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 pm.w55c.net 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 synacor-match.dotomi.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 gum.criteo.com 1 redirects contextual.media.net
2 js-sec.indexww.com ssl.p.jwpcdn.com
bordeaux.futurecdn.net
2 px.ads.linkedin.com www.itpro.com
eb2.3lift.com
2 x.videobyte.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 pulsepoint-match.dotomi.com 2 redirects
2 bttrack.com 2 redirects
2 idsync.rlcdn.com 1 redirects u.openx.net
2 pippio.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 hbopenbid.pubmatic.com ssl.p.jwpcdn.com
bordeaux.futurecdn.net
2 htlb.casalemedia.com ssl.p.jwpcdn.com
bordeaux.futurecdn.net
2 grid.bidswitch.net ssl.p.jwpcdn.com
bordeaux.futurecdn.net
2 jwplayer.technoratimedia.com ssl.p.jwpcdn.com
2 aud.pubmatic.com www.itpro.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 bordeaux.futurecdn.net www.itpro.com
bordeaux.futurecdn.net
2 www.itpro.com www.itpro.com
1 acdn.adnxs.com bordeaux.futurecdn.net
1 cdn.undertone.com bordeaux.futurecdn.net
1 ad.doubleclick.net www.itpro.com
1 in.ml314.com ml314.com
1 p.cpx.to www.itpro.com
1 cdn.brandmetrics.com www.itpro.com
1 btloader.com www.itpro.com
1 futureplc-com.videoplayerhub.com 1 redirects
1 rtbc-uw2.doubleverify.com cdn.doubleverify.com
1 tps.doubleverify.com cdn.doubleverify.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 www.dianomi.com vanilla.futurecdn.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 pixel-eu.rubiconproject.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 s.spotim.market visitor.omnitagjs.com
1 inv-nets.admixer.net 1 redirects
1 sync.adotmob.com 1 redirects
1 csync.loopme.me 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 d.adroll.com ssum-sec.casalemedia.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 nep.advangelists.com 1 redirects
1 tags.bluekai.com www.itpro.com
cdn.undertone.com
1 e.serverbid.com 1 redirects
1 sync.adkernel.com www.itpro.com
1 pixel.advertising.com 1 redirects
1 purch-sync.go.sonobi.com 1 redirects
1 pixel.adsafeprotected.com cdn.adsafeprotected.com
1 hb.undertone.com bordeaux.futurecdn.net
1 tlx.3lift.com bordeaux.futurecdn.net
1 c21lg-d.media.net contextual.media.net
1 c.bing.com eb2.3lift.com
1 aorta.clickagy.com 1 redirects
1 idpix.media6degrees.com 1 redirects
1 aa.agkn.com us-u.openx.net
1 mid.rkdms.com 1 redirects
1 d.turn.com 1 redirects
1 odr.mookie1.com 1 redirects
1 dis.criteo.com 1 redirects
1 hbx.media.net contextual.media.net
1 sync.taboola.com ad-cdn.technoratimedia.com
1 sync.aralego.com 1 redirects
1 hde.tynt.com ad-cdn.technoratimedia.com
1 de.tynt.com 1 redirects
1 pixel.33across.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 ad-cdn.technoratimedia.com ssl.p.jwpcdn.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 dmp.brand-display.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 jadserve.postrelease.com 1 redirects
1 prebid.media.net ssl.p.jwpcdn.com
1 prebid-server.rubiconproject.com ssl.p.jwpcdn.com
1 r.skimresources.com search-api.fie.futurecdn.net
1 entitlements.jwplayer.com content.jwplatform.com
1 ats-wrapper.privacymanager.io bordeaux.futurecdn.net
1 cdn.adsafeprotected.com bordeaux.futurecdn.net
1 search-api.fie.future.net.uk search-api.fie.futurecdn.net
1 cdn.permutive.com 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
1 6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
1 rm-script.dotmetrics.net www.itpro.com
1 content.jwplatform.com vanilla.futurecdn.net
1 ampcid.google.ca www.google-analytics.com
1 sommelier.futurehybrid.tech bordeaux.futurecdn.net
1 ampcid.google.com www.google-analytics.com
1 p1.parsely.com www.itpro.com
1 mos.fie.futurecdn.net www.itpro.com
1 champagne.futurecdn.net www.itpro.com
1 cdn.parsely.com www.itpro.com
1 freyr.futurecdn.net www.itpro.com
1 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app www.itpro.com
1 www.itproportal.com 1 redirects
0 beacon.krxd.net Failed cdn.undertone.com
0 cw.addthis.com Failed cdn.undertone.com
0 image8.pubmatic.com Failed cdn.undertone.com
0 usr.undertone.com Failed cdn.undertone.com
0 match.bnmla.com Failed www.itpro.com
0 ssl-market-east.smrtb.com Failed www.itpro.com
582 214
Subject Issuer Validity Valid
www.itpro.co.uk
R3		 2023-03-24 -
2023-06-22		 3 months crt.sh
*.futurecdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-06 -
2023-07-06		 a year crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M02		 2022-11-07 -
2023-12-06		 a year crt.sh
hawk.techradar.com
R3		 2023-04-21 -
2023-07-20		 3 months crt.sh
slice.vanilla.futurecdn.net
R3		 2023-04-01 -
2023-06-30		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-03-11 -
2023-06-09		 3 months crt.sh
freyr.futurecdn.net
R3		 2023-04-05 -
2023-07-04		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-07-04		 4 months crt.sh
bordeaux.futurecdn.net
R3		 2023-03-06 -
2023-06-04		 3 months crt.sh
champagne.futurecdn.net
R3		 2023-03-29 -
2023-06-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.dotmetrics.net
Amazon RSA 2048 M01		 2023-03-01 -
2023-10-21		 8 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
ads.servebom.com
R3		 2023-03-08 -
2023-06-06		 3 months crt.sh
sommelier.futurehybrid.tech
R3		 2023-04-03 -
2023-07-02		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-07 -
2023-05-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.prmutv.co
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.permutive.com
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
search-api.fie.future.net.uk
R3		 2023-04-19 -
2023-07-18		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-07-20		 5 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-08-12		 5 months crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
um3.eqads.com
Amazon RSA 2048 M02		 2023-03-02 -
2023-07-09		 4 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-03-07 -
2023-09-07		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-10-01		 7 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
pixel.servebom.com
R3		 2023-03-26 -
2023-06-24		 3 months crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.spot.im
Amazon RSA 2048 M01		 2023-02-21 -
2023-11-01		 8 months crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-04-02 -
2023-07-01		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-03-25 -
2023-06-23		 3 months crt.sh
dianomi.com
Cloudflare Inc ECC CA-3		 2023-04-03 -
2024-04-02		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.brandmetrics.com
GTS CA 1P5		 2023-03-12 -
2023-06-10		 3 months crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-13		 a year crt.sh
ml314.com
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.ml314.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-12-14		 10 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-17		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh

This page contains 76 frames:

Primary Page: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Frame ID: EF45E1FBF840500178BE7E3BE978767B
Requests: 248 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Frame ID: 33B7C2B4187371F821B8488DF1550E74
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3EF8754B3D826CB8898D16291715F1CD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&dcc=t
Frame ID: 4128C3A231BCBC2557E85AECC6007CFD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Frame ID: 9E7707BBCD142CAD3E1E4BB2CB3FFF3F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 4A76ED6601FFB143CFB74E4B90CF678E
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: BD9E97564C45850792C95260105D9DE6
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Frame ID: A08B990043CD6A43063A7CCFCC0A0E04
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 885E18D11F5B426C2AEA8DB31B724D63
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4497645360037501104&gdpr=0&gdpr_consent=
Frame ID: 240E65EB34521071D5550614AB197A04
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMERwIIi-wjAMDjtofAAAAAAA&expiration=1682987058&is_secure=true&gdpr=0
Frame ID: D50C7F9FD841233C1D8873F4E3E0F031
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: 94196BEA04C634CF68C57F9738895838
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 2FD07119FEFF74315EEB5C2313883F55
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 52F4364A3726FF9D11CAF561C9009A40
Requests: 12 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: BDF99893B5FBD8187359082AF6541B7F
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1HSTRtbHVORTJ1TFAuVHJwVnFuYzk2eXRRLjFabFJ1Rn5B&gdpr=0
Frame ID: 9B9E595DC952B1CAD2D2341505132D0F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5364052513180930309&ex=appnexus.com&gdpr=0
Frame ID: 456EFB2C3137CEDC554FD32B9337145E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=694731493061520576076
Frame ID: E5131D9D30C4627755A64F133A7CA368
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 34B95C2BAA14D2B7EE96350790D0AA43
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: CA2F4B5B3FE7950AD05247FF20BB0A03
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4AEF736F6F3B0C645E161E2F19BC7316
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7D1131AC0ADFEE57D09D6996FD1CB2B9
Requests: 14 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Frame ID: 82C082587885EB3C52FBC243B1323A53
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158831&gdpr=0&gdpr_consent=
Frame ID: F533B8775B1EC314F0210A2A75B48A64
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Frame ID: F991A814E8FEEFBCAC4E44DB9599675C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Frame ID: 7F44B8043A01D2C28DD7FA343E420575
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Frame ID: 10098C534F47F3EFFB25D33F49D5DC5F
Requests: 12 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Frame ID: C2BA672399B6CBE56CFFB020CB4D8A4B
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: 9B48FD4580351D5F7F823ECAE659BF10
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Frame ID: CD54A82CE9CE24EA30617D75A4DA1576
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3259022571455542000V10&type=rkt&refUrl=&vid=29006591023259022571455542000V10&ovsid=979321832824455813
Frame ID: FFD72BA3F8D7FABAFEDFD037ABDB962B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Dpba%26refUrl%3D%26vid%3D29006591023259022571455542000V10%26ovsid%3DPM_UID
Frame ID: 2ADB478657868D2CE4E73FD4F015AEDF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 41E33FD3A55376324AF06C617CD5091F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?r=10461&p=46338&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D4968%26svc%3Dus%26id%3D5%26uid%3D
Frame ID: E032C44D21756FFDDC7C0B9C6EA1B514
Requests: 1 HTTP requests in this frame

Frame: https://pixel.servebom.com/partner?cb=8257&svc=us&id=32&uid=38a8cb24600543599a81473ddc58df9a
Frame ID: EEE2B5D19AF851780075FD7DB8F36312
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Frame ID: 8BF50DF9795E97BAB9858538EB765790
Requests: 10 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=4&id=Purch&gdpr=0&gc=&gce=1
Frame ID: CC250219D2E601E09427890799DAFF60
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?r=6690&p=156007&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D5522%26svc%3Dus%26id%3D46%26uid%3D
Frame ID: 9C4535915C656F28B00E911E5427D29C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?r=488&p=11868&endpoint=us-east
Frame ID: B862B5E3D67B8F917FD94152B490A005
Requests: 3 HTTP requests in this frame

Frame: https://pixel.servebom.com/partner?&svc=us&id=57&uid=y-yoI.V1tE2uFuqAakwiLzaWPR4.mtFddT~A
Frame ID: 3D8745F82BAF9B5BD56F7C6E2CDB573F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.servebom.com/partner?svc=us&id=61&uid=y-ptgwb0FE2uJ0SyTlUZ08ubeozupTdrg-~A
Frame ID: D4632D942819E309C7645E415DD8B04B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.servebom.com/partner?cb=7607&svc=us&id=62&uid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&cookie_age=5
Frame ID: 9F5F243A765F3BD98874B127E72EB265
Requests: 1 HTTP requests in this frame

Frame: https://pixel.servebom.com/partner?svc=us&id=64&uid=dfe7fbb1-55ce-41d1-849c-c06fbefaa442
Frame ID: AFBC5F35E5DF62C16CD3008EB0983E5E
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Frame ID: 91EBA2827D10C643929432AF8E452BB7
Requests: 19 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: D8C81736E3C73018A713247EF91468ED
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Frame ID: FDD793B7CA5BA1E2286493645911873F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 6FACF87115FD5D51F0776E97B1AE7C68
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: 4DC257E8FF8BF15199792DB2B35DFAE1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 31179DCAE99A96A0806B30C4DD4D2A23
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 6CA5A4D2BA581D5341086153687CB25A
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 61721B2A705B8F4BEE8510FCDA9E078A
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: 992D435918C6B3C924E9E17D305A5EE6
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=5364052513180930309&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 677C9D5DFE69930000941A20294093E3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 5B095D72168EFABBA02B9D4CFAACB295
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=644680&extuid=694731493061520576076
Frame ID: DD65455C2DA0078498A2E045E9FBE890
Requests: 1 HTTP requests in this frame

Frame: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F36334223A34FD669581FBE0CE8D7853
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=155494&s=&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D5797%26svc%3Dus%26id%3D45%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=1---&
Frame ID: AF788C3F131E24F8FB3B67D8E2F298AA
Requests: 1 HTTP requests in this frame

Frame: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5168CC8410B66AA371B7371D0B09B365
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032304241924000/amp4ads-v0.mjs
Frame ID: 7DA6C87EC367C6A1BAF5771E3B6F4911
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032304241924000/amp4ads-v0.mjs
Frame ID: 491E1EA94B06247407B7ED00A91E0B22
Requests: 11 HTTP requests in this frame

Frame: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FDCB22A91774DF89B58D8786E9B46FB6
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjwggIQhLGDAhj2uPriATAB&v=APEucNVO57coUIMR_50Q3Mvz1ofJIXMFP1GGIeU0SA8L6Q3X0ZW_djIzeGoItOIOcvQ-un3IMoSBbp87_uTG4FtBFMdjBMChGAxJ0be2KMN6qbkAP1u2ppk
Frame ID: D5EC82094D2B7A9CD3FEEF8BEE03FF9B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYnPfF3wEwAQ&v=APEucNV7F1JCoKTHu76ywyxNWOYI2WEt3AX14DD0KnTU7Ss8eX4K4O4Am4Tt6r6Vykp-t6mJ0afOfCe_40gZKaMl3CHumxFx5d6E36cWUkp9HBJWmZSX00E
Frame ID: C3B19CC9840A6EF85B74A13F0522251B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9463026B990570F1E3DCE457216890C2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5BD5B1CE53D840ED7D23383CA8DF5BE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Frame ID: 58F418549EA9E3727C290D7C243752F0
Requests: 11 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3743.js
Frame ID: 8BB8F5844DE9E345AB58B4B494D8CF72
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E518D703A81DAD2C03B225E4B911910F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Frame ID: B5835444458F2F7153B3531B8CFA81EE
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 11F8691390C6DEFA3EA137865FE1B076
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 0004EAA0C8D63B9F9BFD3979DC422018
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 3891D9B80391FA1724922A029A506A9F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162345&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 2B5FCCFAF11DDC09A2E7CA171E1DDE2C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 449BDE1A1CF8621CFA1596D180CC8AD2
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 72C2ED1C993BFD6FF13BF4990E9C0234
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 72B742573223A73A60E6033606CDB4B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

6 of the best free malware removal tools for SMBs in 2023 | ITProITProCloud ProChannel ProITProITPro

Page URL History Show full URLs

  1. https://www.itproportal.com/news/up-to-18000-business-hit-in-solarwinds-hack/ HTTP 301
    https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

582
Requests

68 %
HTTPS

29 %
IPv6

128
Domains

214
Subdomains

126
IPs

7
Countries

5206 kB
Transfer

16436 kB
Size

277
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.itproportal.com/news/up-to-18000-business-hit-in-solarwinds-hack/ HTTP 301
    https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 131
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D89871%2C94788 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D89871%2C94788&rdf=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,94788
Request Chain 134
  • https://cdn.jwplayer.com/strips/VghWffSP-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.vtt
Request Chain 140
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&dcc=t
Request Chain 153
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Request Chain 157
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
Request Chain 158
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3259022571455542000V10
Request Chain 159
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=cc48733c-86ac-429a-9aae-2d8d692b1383
Request Chain 161
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZE8GsQAGq1TEpABS HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8GsQAGq1TEpABS&_test=ZE8GsQAGq1TEpABS
Request Chain 164
  • https://match.adsrvr.org/track/cmf/openx?oxid=653dfb5e-b385-3e35-44aa-06fa9125e78e&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=653dfb5e-b385-3e35-44aa-06fa9125e78e&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ttd_puid=653dfb5e-b385-3e35-44aa-06fa9125e78e&gdpr=0&gdpr_consent=
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDk1MjI4OTQtN2FmMi02MDkxLTUxNGEtNWM0MzViYzcyOWVl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDk1MjI4OTQtN2FmMi02MDkxLTUxNGEtNWM0MzViYzcyOWVl&google_tc=
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDpvtqfNoZ9D9XChKqPTSZY&google_cver=1
Request Chain 167
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Request Chain 169
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4497645360037501104&gdpr=0&gdpr_consent=
Request Chain 170
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=58837906b6f72163&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMERwIIi-wjAMDjtofAAAAAAA&expiration=1682987058&is_secure=true&gdpr=0
Request Chain 174
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 175
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1HSTRtbHVORTJ1TFAuVHJwVnFuYzk2eXRRLjFabFJ1Rn5B&gdpr=0
Request Chain 176
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fid%3D%2524UID%26ex%3Dappnexus.com%26gdpr%3D0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5364052513180930309&ex=appnexus.com&gdpr=0
Request Chain 177
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=694731493061520576076
Request Chain 178
  • https://sb.scorecardresearch.com/cs/10055482/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 180
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=634388a2-e882-03b2-0e4b-9e2ca2a92682 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=634388a2-e882-03b2-0e4b-9e2ca2a92682
Request Chain 181
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=4bf978d7-6bef-047c-178d-c7f0068613e7 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=4bf978d7-6bef-047c-178d-c7f0068613e7&verify=true
Request Chain 182
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=30fb8438-7ec2-0855-1bd3-8609a8be8656 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMzBmYjg0MzgtN2VjMi0wODU1LTFiZDMtODYwOWE4YmU4NjU2EAAaDQiyjbyiBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=219870993d0c86bdf253e0b4bad5a31bd0c887f32244ff8b8c48cac207a07d97791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyMTk4NzA5OTNkMGM4NmJkZjI1M2UwYjRiYWQ1YTMxYmQwYzg4N2YzMjI0NGZmOGI4YzQ4Y2FjMjA3YTA3ZDk3NzkxNDI2YjU0MTdkY2UyMRAAGgwIso28ogYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyMTk4NzA5OTNkMGM4NmJkZjI1M2UwYjRiYWQ1YTMxYmQwYzg4N2YzMjI0NGZmOGI4YzQ4Y2FjMjA3YTA3ZDk3NzkxNDI2YjU0MTdkY2UyMRAAGgwIso28ogYSBAgCEABCAEoA&google_gid=CAESENNQl0XUm5Y4xOd9fwXN2U4&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=808166d7-4ad3-429a-83d2-3cc963d578a8
Request Chain 183
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=5364052513180930309
Request Chain 184
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2885768169026791528&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 187
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=
Request Chain 188
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LH43LMKF-M-BG0S&gdpr=0
Request Chain 189
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=Cx70wqgOv71vzzsto1ul&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2Q3YG4YHO4LHJ53DOMLWPJ5HG5DPGF2WY&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2Q3YG4YHO4LHJ53DOMLWPJ5HG5DPGF2WY HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=Cx70wqgOv71vzzsto1ul
Request Chain 190
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=75e96c09-430e-4d69-9c12-98bfda1e9e84&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aU9tN1pqel8wMzFPS210Z3htcFZnUQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDBpXlXmoCFu8DqfD_ITQJo&google_cver=1
Request Chain 192
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=60be0a41c9e12191&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFprChiHtmegMGT_kNAAAAAAA&expiration=1682987058&nuid=&is_secure=true
Request Chain 194
  • https://sb.scorecardresearch.com/b?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682900658051&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&c8=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682900658051&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&c8=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&c9=
Request Chain 195
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE8GsntS6rVM0F29LL34HgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
Request Chain 196
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&expiration=1685492658&gdpr=0&gdpr_consent=
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE8GsntS6rVM0F29LL34HgAABTsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBH2YRsdB61-QZwqPyShGkc&google_cver=1
Request Chain 199
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=32bb813a-08e8-461c-ac43-50601fc86e47&expiration=1714523058
Request Chain 200
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA8Kk7Ing0AACQhPkHy3w&expiration=1684110258
Request Chain 201
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=2571cea0-8b34-c2ac-78472fc0
Request Chain 204
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 205
  • https://x.videobyte.com/usync?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dvideobyte%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 301
  • https://vpb-server.jwplayer.com/setuid?bidder=videobyte&gdpr=0&gdpr_consent=&f=i&uid=d7e8299c-83aa-404a-8a25-2ff9cebaf077
Request Chain 206
  • https://cdn.jwplayer.com/strips/VghWffSP-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.jpg
Request Chain 209
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://vpb-server.jwplayer.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&f=i&uid=b793b3d9-5185-43ff-876b-209598df5c7e
Request Chain 210
  • https://cdn.jwplayer.com/v2/media/vFJq2NEG/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/w6vo1e7u-120.jpg
Request Chain 211
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LH43LMLB-28-57MV HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LH43LMLB-28-57MV&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 212
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://vpb-server.jwplayer.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&f=i&uid=GkeYTLZH5EevHt7VRiGLiTt6
Request Chain 214
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/hItjW11Ja6Jsv9wQ4nX2ssn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-44TTlddE2oI.vgyrMamIkvbGpdD.3si0VjbyTg--~A
Request Chain 215
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDM5OWNkZWZhNzI4MTNiMjczNjZhMmZiY2ZhNzk2ZDBmMTBmMDlhNQ&gdpr=0
Request Chain 216
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=equvcWTrQK665CiUmsMUQA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=equvcWTrQK665CiUmsMUQA&gdpr=0
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJXYH-UEF_6RC1uuH2mmJN8&google_cver=1
Request Chain 218
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=&expires=30
Request Chain 219
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg0M0xNTEItMjgtNTdNVg==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEIZrywt1m4CA-uvZ5S29Qfs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0M0xNTEItMjgtNTdNVg==&google_push=&gdpr=0
Request Chain 221
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH43LMLB-28-57MV&gdpr=0
Request Chain 223
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D85460%2C89871%2C94788 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=85460,89871,94788
Request Chain 224
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%5BRX_UUID%5D&cb=1682900658710 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=279742741 HTTP 302
  • https://sync.1rx.io/usersync/turn/2885768169026791528?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005?redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3DRX-397964c6-fc9f-436a-ab31-b3a253f525d2-005 HTTP 302
  • https://vpb-server.jwplayer.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&f=i&uid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Request Chain 230
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4462594004579376896&ssp=themediagrid
Request Chain 231
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=50&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://vpb-server.jwplayer.com/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&f=i&uid=4497645360037501104
Request Chain 234
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Request Chain 237
  • https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Request Chain 240
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
Request Chain 241
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5364052513180930309
Request Chain 242
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Request Chain 243
  • https://match.prod.bidr.io/cookie-sync/syn HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBOEtrN0luZzBBQUNRaFBrSHkzdw&bee_sync_partners=pm%2Csas%2Cpp%2Csyn&bee_sync_current_partner=adx&bee_sync_initiator=syn&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Csyn&bee_sync_current_partner=adx&bee_sync_initiator=syn&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA8Kk7Ing0AACQhPkHy3w&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Csyn%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Csyn&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA8Kk7Ing0AACQhPkHy3w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4497645360037501104 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAA8Kk7Ing0AACQhPkHy3w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4497645360037501104%26bee_sync_partners%3Dsyn%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=4497645360037501104&bee_sync_partners=syn&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAA8Kk7Ing0AACQhPkHy3w&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAA8Kk7Ing0AACQhPkHy3w
Request Chain 244
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6400589931 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-397964c6-fc9f-436a-ab31-b3a253f525d2-005 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Request Chain 245
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=b793b3d9-5185-43ff-876b-209598df5c7e
Request Chain 246
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-4Xye4H9E2uFkZftg0_hJBHxF8RYa6Hpm~A
Request Chain 247
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZE8GsntS6rVM0F29LL34HgAA%261339
Request Chain 248
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=5597529CCA40456999768DE69389154D&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D37%26uid%3DUCFUID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=e982d87b-1ada-328b-8637-db6bc271a79d
Request Chain 249
  • https://x.bidswitch.net/sync?ssp=synacor&user_id=5597529CCA40456999768DE69389154D HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=synacor&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=978477414459663588&expires=30&ssp=synacor HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
Request Chain 250
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=5597529CCA40456999768DE69389154D HTTP 302
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=49ddf1c3cc3521f7&is_secure=true&networkId=63258&version=1&nuid=5597529CCA40456999768DE69389154D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAMERwIIi-wwANGMwmSAAAAAAA&expiration=1682987059&nuid=5597529CCA40456999768DE69389154D&is_secure=true
Request Chain 251
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=5597529CCA40456999768DE69389154D&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3259022571455542000V10
Request Chain 255
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Drkt%26refUrl%3D%26vid%3D29006591023259022571455542000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3259022571455542000V10&type=rkt&refUrl=&vid=29006591023259022571455542000V10&ovsid=979321832824455813
Request Chain 257
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Dcon%26refUrl%3D%26vid%3D29006591023259022571455542000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=604e1745a3522163&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Dcon%26refUrl%3D%26vid%3D29006591023259022571455542000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=con&refUrl=&vid=29006591023259022571455542000V10&ovsid=AAAMERwIIi-wxgMJv1t_AAAAAAA&expiration=1682987059&is_secure=true
Request Chain 258
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Dopx%26refUrl%3D%26vid%3D29006591023259022571455542000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3259022571455542000V10&type=opx&refUrl=&vid=29006591023259022571455542000V10&ovsid=ad1192c1-1885-04d5-27e5-789423ca7552
Request Chain 259
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Dmma%26refUrl%3D%26vid%3D29006591023259022571455542000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=mma&refUrl=&vid=29006591023259022571455542000V10&ovsid=f9cf644f-06b3-4900-b8a5-8b10c143e1a0
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI1OTAyMjU3MTQ1NTU0MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEJA_aSKws9ngJa2ZAhAP644&google_cver=1
Request Chain 261
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Ddxu%26refUrl%3D%26vid%3D29006591023259022571455542000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Ddxu%26refUrl%3D%26vid%3D29006591023259022571455542000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=dxu&refUrl=&vid=29006591023259022571455542000V10&ovsid=pUk6ZoCt1PThl15
Request Chain 262
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=026893ad-780c-4a5a-9234-f80bf56a9518
Request Chain 263
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594225548510857152&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 264
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3259022571455542000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3259022571455542000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5b84f903-6fa4-4601-9646-10138d604f28&cs=1
Request Chain 266
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
Request Chain 268
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=658b27da-845f-0444-062c-fafc1bb32661 HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=658b27da-845f-0444-062c-fafc1bb32661&_li_chk=true&previous_uuid=afb9bc1970c640c68292b0cab6feeb7f HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=658b27da-845f-0444-062c-fafc1bb32661&previous_uuid=1b3c62d3dd6c476895a5789aae3c865f HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2885768169026791528 HTTP 303
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=afb9bc19-70c6-40c6-8292-b0cab6feeb7f&liid=&_ct=im HTTP 302
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=80fe0a2b0ad1820743485bcf98cbcda9 HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
Request Chain 272
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=c9906ed4-ab1d-1b03-b383-4d09b4e8a74c HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=13pnge4990fep
Request Chain 273
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=7ab3cfbb-e1ff-027b-323f-9dbb7517e9bf&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:2a81f4cc283a6d0282d32da081d33940
Request Chain 274
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=umtxYhoDhxui3kpNQjzdNA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 275
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=4321644f-06b3-4d00-9f02-623ffea91b7e
Request Chain 276
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=7346c5ca-1cb1-4263-a1e2-d35d1dcf074f
Request Chain 277
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=0&gdpr_consent=
Request Chain 278
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 279
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njk0NzMxNDkzMDYxNTIwNTc2MDc2 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMq79tCHMV3dOevSM7tpELw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 281
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njk0NzMxNDkzMDYxNTIwNTc2MDc2
Request Chain 283
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=694731493061520576076&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5b84f903-6fa4-4601-9646-10138d604f28&ssp=triplelift&gdpr=0 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 285
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/694731493061520576076?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-WnqmlmxE2oRQpFppt0RxkjGwQene.2BBMM_IPDzK.w--~A&dongle=0883
Request Chain 286
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=Cx70wqgOv71vzzsto1ul&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IN4DOMDXOFTU65RXGF3HU6TTORXTC5LM&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IN4DOMDXOFTU65RXGF3HU6TTORXTC5LM HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Cx70wqgOv71vzzsto1ul
Request Chain 287
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5364052513180930309&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 290
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://vpb-server.jwplayer.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&f=i&uid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
Request Chain 292
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 293
  • https://ssc-cms.33across.com/ps/?_=1682900659319.&ri=0014000001aXjnGAAS&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212153908003024
Request Chain 294
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5b84f903-6fa4-4601-9646-10138d604f28&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 295
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682900659319.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=4321644f-06b3-4d00-9f02-623ffea91b7e
Request Chain 296
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-iEc2Id9E2uE8RyNvqyPLhuUqCVF2upQ0~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iEc2Id9E2uE8RyNvqyPLhuUqCVF2upQ0%7EA&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 297
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=706a27e341330fe8&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAFprChiHtmsgMDCf83AAAAAAA&expiration=1682987059&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFprChiHtmsgMDCf83AAAAAAA&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 298
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=694731493061520576076 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=694731493061520576076&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 299
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi&gdpr_consent=undefined&gdpr=0&khaos=LH43LMLB-28-57MV HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LH43LMLB-28-57MV&gdpr=0&gdpr_consent=undefined
Request Chain 301
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=LH43LMLB-28-57MV HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LH43LMLB-28-57MV&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH43LMLB-28-57MV&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 320
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8079%26svc%3Dus%26id%3D23%2C26%2C29%26uid%3D$UID HTTP 302
  • https://pixel.servebom.com/partner?cb=8079&svc=us&id=23,26,29&uid=5364052513180930309
Request Chain 321
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=de2d90e5-4d26-4c8c-a342-3edcde51fdb1&ph=25af9286-f23b-4b02-abcd-f2ee3b564dab&r=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6959%26svc%3Dus%26id%3D22%26uid%3D HTTP 302
  • https://pixel.servebom.com/partner?cb=6959&svc=us&id=22&uid=0bdeddd8-ee2a-03eb-2a35-b3da2d9dd968
Request Chain 323
  • https://purch-sync.go.sonobi.com/us?https://pixel.servebom.com/partner?cb=6994&svc=us&id=9&uid=[UID] HTTP 302
  • https://pixel.servebom.com/partner?cb=6994&svc=us&id=9&uid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
Request Chain 324
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D9841%26svc%3Dus%26id%3D24%26uid%3D$UID HTTP 307
  • https://pixel.servebom.com/partner?cb=9841&svc=us&id=24&uid=GkeYTLZH5EevHt7VRiGLiTt6
Request Chain 325
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D5619%26svc%3Dus%26id%3D14%26uid%3D%24UID HTTP 302
  • https://pixel.servebom.com/partner?cb=5619&svc=us&id=14&uid=694731493061520576076
Request Chain 326
  • https://purch-match.dotomi.com/match/bounce/current?networkId=20077&version=1&rurl=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7124%26svc%3Dus%26id%3D36%26uid%3D$UID&gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 302
  • https://purch-match.dotomi.com/match/bounce/current?DotomiTest=5660380b36880fe8&is_secure=true&networkId=20077&version=1&rurl=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7124%26svc%3Dus%26id%3D36%26uid%3D%24UID&gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 302
  • https://pixel.servebom.com/partner?cb=7124&svc=us&id=36&uid=AAAFprChiHtnIgNkjoiMAAAAAAA&expiration=1682987062&_origin=1&is_secure=true&gdpr_consent=&gdpr=0&redir=true
Request Chain 327
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj3GAAS&ru=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D2757%26svc%3Dus%26id%3D59%26uid%3D33XUSERID33X HTTP 302
  • https://pixel.servebom.com/partner?cb=2757&svc=us&id=59&uid=212153908003024
Request Chain 330
  • https://qds0l.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8257%26svc%3Dus%26id%3D32%26uid%3D%5Btvid%5D HTTP 302
  • https://qds0l.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8257%26svc%3Dus%26id%3D32%26uid%3D%5Btvid%5D HTTP 302
  • https://pixel.servebom.com/partner?cb=8257&svc=us&id=32&uid=38a8cb24600543599a81473ddc58df9a
Request Chain 334
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?r=488&p=11868&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?r=488&p=11868&endpoint=us-east
Request Chain 335
  • https://pixel.advertising.com/ups/58164/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58164/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 302
  • https://pixel.servebom.com/partner?&svc=us&id=57&uid=y-yoI.V1tE2uFuqAakwiLzaWPR4.mtFddT~A
Request Chain 336
  • https://ups.analytics.yahoo.com/ups/58290/sync?redir=true HTTP 302
  • https://pixel.servebom.com/partner?svc=us&id=61&uid=y-ptgwb0FE2uJ0SyTlUZ08ubeozupTdrg-~A
Request Chain 337
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7607%26svc%3Dus%26id%3D62%26uid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
  • https://pixel.servebom.com/partner?cb=7607&svc=us&id=62&uid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&cookie_age=5
Request Chain 338
  • https://match.sharethrough.com/universal/v1?supply_id=dSvJjhJF HTTP 302
  • https://pixel.servebom.com/partner?svc=us&id=64&uid=dfe7fbb1-55ce-41d1-849c-c06fbefaa442
Request Chain 341
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9e764996-7ce7-4548-a670-6482f1d6a5d0&ssp=sonobi&expires=30&user_group=5&bsw_param=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
Request Chain 342
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&pubid=
Request Chain 343
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=4321644f-06b3-4d00-9f02-623ffea91b7e
Request Chain 344
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477414459663588
Request Chain 345
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=HSYqt5fCNHLv
Request Chain 347
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-asknpzFE2uGLRdPtD2tgHm.g4PO2u73zCHj7M4g-~A
Request Chain 348
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=cd3ab30d3ce34ba7bab30d3ce3bba715
Request Chain 350
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID HTTP 301
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=d7e8299c-83aa-404a-8a25-2ff9cebaf077
Request Chain 352
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5364052513180930309
Request Chain 353
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=694731493061520576076
Request Chain 354
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2M1NDM3N2MtNmE5ZS00ZTZhLWIxMmUtNzllY2VjMDRkOWE4 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEBYXz0LLnEFjT3TsXrQEf4w&google_cver=1
Request Chain 357
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
Request Chain 358
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=ce10475c-6251-093a-3f92-0fdcb313a6cb
Request Chain 359
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5364052513180930309
Request Chain 361
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4321644f-06b3-4d00-9f02-623ffea91b7e
Request Chain 362
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE8GsQAGq1TEpABS
Request Chain 363
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4497645360037501104&gdpr=0&gdpr_consent=
Request Chain 364
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4462594004579376896&expiration=1684110262
Request Chain 365
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZE8GsntS6rVM0F29LL34HgAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZE8GsntS6rVM0F29LL34HgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259156499483
Request Chain 370
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5364052513180930309&gdpr=0&gdpr_consent=
Request Chain 371
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5364052513180930309&gdpr=0&gdpr_consent=
Request Chain 372
  • https://creativecdn.com/cm-notify?pi=adyoulike HTTP 302
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=dEWL0lDaosXV0fFQ3eCF&name=RTB_HOUSE&pi=adyoulike&tc=1
Request Chain 374
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adyoulike&ssp_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-nJts8iBE2pnbqog8VdL.INK_NsN7b8i25h36wg--~A&expires=5&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&name=BIDSWITCH&gdpr=&gdpr_consent=
Request Chain 375
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&name=THE_TRADE_DESK
Request Chain 376
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAA8Kk7Ing0AACQhPkHy3w&name=BEESWAX
Request Chain 377
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=Cx70wqgOv71vzzsto1ul&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6QSBJZHEKURGOR2GYPJXGIYCM5LJMQ6WEZDFMY3GEZBZGVRDONBVGBRDIZJWGJQTGMTEMI4GGN3EHBRTSZBGOZUXG2LUN5ZD2Q3YG4YHO4LHJ53DOMLWPJ5HG5DPGF2WY&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6QSBJZHEKURGOR2GYPJXGIYCM5LJMQ6WEZDFMY3GEZBZGVRDONBVGBRDIZJWGJQTGMTEMI4GGN3EHBRTSZBGOZUXG2LUN5ZD2Q3YG4YHO4LHJ53DOMLWPJ5HG5DPGF2WY HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=Cx70wqgOv71vzzsto1ul
Request Chain 378
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=Cx70wqgOv71vzzsto1ul&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6TSBKREVMRK7GFPTEJTUORWD2NZSGATHK2LEHVTDEZBZGEZTMY3GGUZWIZLEMU3WMOBTMJQTCNRRG4YWCMZXMZSGIJTWNFZWS5DPOI6UG6BXGB3XCZ2POY3TC5T2PJZXI3ZROVWA&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6TSBKREVMRK7GFPTEJTUORWD2NZSGATHK2LEHVTDEZBZGEZTMY3GGUZWIZLEMU3WMOBTMJQTCNRRG4YWCMZXMZSGIJTWNFZWS5DPOI6UG6BXGB3XCZ2POY3TC5T2PJZXI3ZROVWA HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=Cx70wqgOv71vzzsto1ul
Request Chain 379
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=810fd96f-d922-457f-a52a-9afb52bef3ea%20&gdpr_consent=null&gdpr=0
Request Chain 380
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0907220407830ee4b79bfab9&gdpr=0&gdprConsent=
Request Chain 381
  • https://sync.srv.stackadapt.com/sync?nid=33 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187&name=STACKADAPT
Request Chain 382
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D4b30a0b1f289a261ab592e1e53c126eb%26name%3DSOVRN%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GkeYTLZH5EevHt7VRiGLiTt6
Request Chain 383
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D0f4b0fcde45fe67019618f4c5f35f52e%26name%3DADMIXER%26visitor%3D%24%24visitor_cookie%24%24&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=0f4b0fcde45fe67019618f4c5f35f52e&name=ADMIXER&visitor=5e656fd8777042b59cc44e11cafdd692
Request Chain 384
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX&crf=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=5f554578-f0f8-5379-a3c6-f0ffc789f649&name=BETWEENX
Request Chain 385
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=75e96c09-430e-4d69-9c12-98bfda1e9e84&name=BIDTELLECT
Request Chain 389
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 391
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 392
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 394
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
Request Chain 396
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=1500f78c
Request Chain 397
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=HSYqt5fCNHLv&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 398
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=4321644f-06b3-4d00-9f02-623ffea91b7e&gdpr=0&gdpr_consent=
Request Chain 399
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2075%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=2712222862 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2075/4321644f-06b3-4d00-9f02-623ffea91b7e?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-397964c6-fc9f-436a-ab31-b3a253f525d2-005 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Request Chain 404
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=11868&r=488&gdpr_consent=undefined&gdpr=0&khaos=LH43LMLB-28-57MV HTTP 302
  • https://pixel.servebom.com/partner?svc=us&id=19&uid=LH43LMLB-28-57MV&gdpr=0&gdpr_consent=undefined
Request Chain 407
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=5364052513180930309&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 409
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=694731493061520576076
Request Chain 410
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.55%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=8335362194 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2069.55/4321644f-06b3-4d00-9f02-623ffea91b7e?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-397964c6-fc9f-436a-ab31-b3a253f525d2-005 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Request Chain 411
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=5ce37491-0a1a-0ddc-2f26-c6ef107e2503
Request Chain 412
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdpr_consent%3D%24 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341%26partner_url%3Dhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D309017%2526extuid%253Dc33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341%2526gdpr%253D%25240%2526gdpr_consent%253D%2524 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341%26partner_url%3Dhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D309017%2526extuid%253Dc33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341%2526gdpr%253D%25240%2526gdpr_consent%253D%2524&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&partner_url=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3Dc33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341%26gdpr%3D%240%26gdpr_consent%3D%24 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=$0&gdpr_consent=$
Request Chain 413
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636%2526visitor%253D%257Buid%257D%2526name%253DOPENWEB HTTP 302
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=a09985e324964ebe&name=OPENWEB
Request Chain 414
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr_consent=undefined&gdpr=0&khaos=LH43LMLB-28-57MV HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LH43LMLB-28-57MV&name=RUBICON&gdpr=0&gdpr_consent=undefined
Request Chain 423
  • https://sync.bfmio.com/syncb?pid=132 HTTP 302
  • https://pixel.servebom.com/partner?cb=[cachebuster]&svc=us&id=42&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
Request Chain 424
  • https://sync.bfmio.com/syncb?pid=137 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ex=bf.com
Request Chain 466
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 467
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 468
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1&gdpr=0
Request Chain 469
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE8GsntS6rVM0F29LL34HgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
Request Chain 470
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE-D_c5dgCRT5XKwIRRIe9o&google_cver=1
Request Chain 471
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2NDA1MjUxMzE4MDkzMDMwOQ%3D%3D
Request Chain 472
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1&gdpr=0
Request Chain 473
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE8GsntS6rVM0F29LL34HgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE-D_c5dgCRT5XKwIRRIe9o&google_cver=1
Request Chain 475
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2NDA1MjUxMzE4MDkzMDMwOQ%3D%3D
Request Chain 518
  • https://futureplc-com.videoplayerhub.com/galleryplayer.js HTTP 301
  • https://btloader.com/tag?h=futureplc-com&upapi=true
Request Chain 532
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3635350047656771690 HTTP 307
  • https://ml314.com/csync.ashx?fp=df1d3c69a94ed6518e1d67b36c05bdfec3c8ba53f7c30f2b000c6738b10894b4f4cb09cee1a4f8eb&person_id=3635350047656771690&eid=50082
Request Chain 533
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=
Request Chain 534
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3635350047656771690 HTTP 302
  • https://ml314.com/csync.ashx?fp=de285aca32afb3e68c91ff69fdfbd7fa&eid=50146&person_id=3635350047656771690
Request Chain 535
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2T1LGZpi3yNDIo9c90fTWqRTubsHFHrqQd6Aqp63Zt7s&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ml314.com/csync.ashx?fp=2T1LGZpi3yNDIo9c90fTWqRTubsHFHrqQd6Aqp63Zt7s&person_id=3635350047656771690&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Request Chain 546
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12529%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.itpro.com%252Fsecurity%252Fmalware%252F28083%252Fbest-free-malware-removal-tools%26hn_ver%3D40%26fid%3D08792bcf-8868-41d5-806b-68b8e6ec4738 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=5364052513180930309&pid=12529&ref=&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&hn_ver=40&fid=08792bcf-8868-41d5-806b-68b8e6ec4738
Request Chain 547
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D08792bcf-8868-41d5-806b-68b8e6ec4738 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FC8D0EA9-A0C2-4CA5-9C98-C1F067490B0E&fid=08792bcf-8868-41d5-806b-68b8e6ec4738
Request Chain 548
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&dsp=TTD
Request Chain 549
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=08792bcf-8868-41d5-806b-68b8e6ec4738 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=08792bcf-8868-41d5-806b-68b8e6ec4738&google_gid=CAESEMiX_ZYIn4Us2AU1sXOq4Ng&google_cver=1
Request Chain 557
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-nJts8iBE2pnbqog8VdL.INK_NsN7b8i25h36wg--~A&expires=5&ssp=themediagrid
Request Chain 560
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=7346c5ca-1cb1-4263-a1e2-d35d1dcf074f&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 561
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 562
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187&dongle=4430
Request Chain 565
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2885768169026791528&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 567
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAA8Kk7Ing0AACQhPkHy3w&dongle=bzwx&gdpr=0
Request Chain 572
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 573
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2e509c79-b32a-0256-2e2f-193d6689c7dc
Request Chain 574
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Request Chain 575
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ttl=1685492665
Request Chain 576
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH43LMLB-28-57MV
Request Chain 578
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341
Request Chain 579
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-asknpzFE2uGLRdPtD2tgHm.g4PO2u73zCHj7M4g-~A
Request Chain 583
  • https://idsync.rlcdn.com/403716.gif?partner_uid=ayn9ia630bwomwtg0f89bp0ju HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D

582 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request best-free-malware-removal-tools
www.itpro.com/security/malware/28083/
Redirect Chain
  • https://www.itproportal.com/news/up-to-18000-business-hit-in-solarwinds-hack/
  • https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
545 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c65e3d305c9257e8a5719bbf2145c63ff5778931b031699eacb6893d2a2524b5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
136808
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=60,public
content-encoding
br
content-length
92739
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:24:15 GMT
expires
Mon, 01 May 2023 10:24:07 GMT
last-modified
Sat, 29 Apr 2023 10:24:07 GMT
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-age
0
x-article-id
e9nadFx9ZNW7DfPLyrKnKs
x-cache
HIT-CLUSTER
x-cache-hits
8, 1
x-country-code
US
x-country-code-real
CA
x-frame-options
SAMEORIGIN
x-ftr-backend
varnish-leopard
x-ftr-backend-server
vanilla-leopard-http-cache-prod-01
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-2
x-ftr-cache-status
MISS
x-ftr-request-id
44310a75-f0c7-4003-b46e-1bc710983fb5 00000000000000000000FFFF9D344580:2E04_00000000000000000000FFFFB9711938:01BB_644CF046_1A927EB:3D4A63
x-modified-date
1669652880
x-served-by
cache-lon420128-LON, cache-yul12823-YUL
x-timer
S1682900656.799117,VS0,VE3
xkey
itpro-platform-responsive itpro-article-e9nadFx9ZNW7DfPLyrKnKs itpro-articletype-buying-guide itpro-articletemplate-standard itpro-article-age-ancient itpro-region-US itpro-language-en itpro-modifieddate-1669652880 itpro-author-nV7ssW3m9u9EQhjsYJPQeh itpro-tag-vNb4qjaerYmbxtvtC7vr17 itpro-tag-nRS3q9Hbwso6TtGimTsYdB itpro-article-extended-ttl-true itpro-flexi-page-guid-itpro_page_layout_news itpro-curatedlist-9ityrXgfTSfprh6HG4gK9c itpro-flexi-controller-FlexiPageLayout:index itpro-flexi-site-guid-itpro_en_us itpro-flexi-layout-news itpro-flexi-route-custom_route_1666094972 itpro-version-673941 itpro-server-phpfpm-78698468d4-np2gl

Redirect headers

accept-ranges
bytes
age
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=60,public
content-encoding
br
content-length
1
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:24:15 GMT
expires
Mon, 01 May 2023 00:39:15 GMT
location
https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-age
0
x-allow-raw-redirect
1
x-cache
MISS-CLUSTER
x-cache-hits
0, 0
x-country-code
GB
x-country-code-real
CA
x-ftr-backend
varnish-leopard
x-ftr-backend-server
vanilla-leopard-http-cache-prod-02
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-ftr-cache-status
MISS
x-ftr-request-id
00000000000000000000FFFF9D344557:8E00_00000000000000000000FFFFB9711932:01BB_644F06AF_5FF3121:1190FB
x-served-by
cache-lon420137-LON, cache-yul12831-YUL
x-timer
S1682900655.400364,VS0,VE334
xkey
redirect-basic
9WCAq7PysdEAdKA8p5UCsQ-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/9WCAq7PysdEAdKA8p5UCsQ-970-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
3f4a2d8895be9bf8371fb806745027923436529e2784e4e09ba82c7c02d5682d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
x-backend
default
x-svc-env
prod
age
1607873
xkey
/proof/9WCAq7PysdEAdKA8p5UCsQ.jpg
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
39022
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulkproxyprodred
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:7DA7_00000000:0050_64367DED_54ADF:69B8
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
70b6726528570a3d3527d92f20453cfc
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sat, 17 Jun 2023 16:44:24 GMT
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/ 		122 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6edbf7efa384a9d4f15b08d8c9bab7b156db2f24a1849f34d6551a53ce1fd5c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:06:18 GMT
content-encoding
br
via
1.1 024ebcc63921610877d4ba277290628c.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 15:35:02 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
1078
x-amz-server-side-encryption
AES256
etag
W/"42d1e9459103c32433cb7a2590755328"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
K4f07icf2BP6a5vNtLaA1Cozi0A2OJtgsCT6vvCyi8-9nVX50914gw==
promotion.min.css
search-api.fie.futurecdn.net/css/browser/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/ 		3 KB
878 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/css/browser/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/promotion.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d5e1b4b1df9b4fb4b4ba9cb1866789e3869004cdc8a624fc016e56139193a341
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
298894
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Fri, 26 Apr 2024 13:22:42 GMT
x-ftr-balancer
hawkproxyprodblue
x-served-by
cache-lon4236-LON, cache-yul12830-YUL
x-ftr-request-id
00000000:E9B2_00000000:01BB_644A7725_F49135:6C20
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682900656.865139,VS0,VE0
etag
W/"644a4d47-d45"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
content-length
612
accept-ranges
bytes
x-cache-hits
3, 8919
itpro.min.css
search-api.fie.futurecdn.net/css/browser/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/css/browser/itpro.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7064d6d5294ef022f43efc7ff3123f4564e2c6919382895478efd2d37b702f23
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
495
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Sun, 30 Apr 2023 10:48:09 GMT
x-ftr-balancer
hawk-proxy-185-113-25-40
x-served-by
cache-lon420143-LON, cache-yul12830-YUL
x-ftr-request-id
00000000:5C06_00000000:01BB_644E42B9_AB8082:0541
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682900656.864824,VS0,VE1
etag
W/"644a4d47-16fc"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
2001
accept-ranges
bytes
x-cache-hits
2, 1
responsive.js
search-api.fie.futurecdn.net/js/w/es6/ 		599 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce74a00f821f7f857fd92a73485b1dc5fa7373c61ea04cf37c42921421d25ea3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
819
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Thu, 27 Apr 2023 16:27:45 GMT
x-ftr-balancer
hawkproxyprodblue
x-served-by
cache-lon420115-LON, cache-yul12824-YUL
x-ftr-request-id
00000000:D9CC_00000000:01BB_644A9DD1_A58849:6C1F
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682900656.880267,VS0,VE0
etag
W/"644a4d47-95acf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
164571
accept-ranges
bytes
x-cache-hits
8, 5
responsive.min.css
search-api.fie.futurecdn.net/css/browser/ 		234 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/css/browser/responsive.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c08f9e0842df5d56fbf57b1b606d35a70ad354f3b57b6066635082452b3ac90
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
315
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Thu, 27 Apr 2023 14:15:45 GMT
x-ftr-balancer
hawkproxyprodblue
x-served-by
cache-lon420116-LON, cache-yul12830-YUL
x-ftr-request-id
00000000:FAB4_00000000:01BB_644A7EDF_5DFBEC:6C1E
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682900656.864825,VS0,VE0
etag
W/"644a4d47-3a800"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
19931
accept-ranges
bytes
x-cache-hits
2, 14
flexisites.min.css
vanilla.futurecdn.net/itpro/673941/media/css/ 		359 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/css/flexisites.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8284038fcb9666bd9258d31b8d762d2728cc1a565d30f6f71ed9e32d3e57d891
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
207184
x-ftr-dc
uk-lon1
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
49449
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:73D3_00000000:0050_644BDD5F_67ED9:2EBA
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 15:15:29 GMT
missing-image.svg
vanilla.futurecdn.net/itpro/media/img/ 		274 B
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanilla.futurecdn.net/itpro/media/img/missing-image.svg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
bea62015bf6a41d5e8d0dd77fdb6be95b7027a157fce018a452194afd6073b47
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1608586
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
208
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:D4C6_00000000:0050_64367B23_326130:0352
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:34:29 GMT
externals.js
slice.vanilla.futurecdn.net/11-0-2/js/ 		128 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slice.vanilla.futurecdn.net/11-0-2/js/externals.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d95b5088265f50a8f40fc6cd0faa5325c29bebe87fe81a85f969c23b278e3f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
555914
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
37133
x-served-by
cache-yyz4520-YYZ
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-2
x-ftr-request-id
00000000000000000000FFFF9D344050:BBD4_00000000000000000000FFFFB9711938:01BB_64468B1F_28F18DE:35295F
last-modified
Mon, 24 Apr 2023 10:01:12 GMT
x-timer
S1682900656.959419,VS0,VE0
etag
W/"1fe01-187b2b5d204"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
17605
6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/ 		920 KB
268 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09979f555298f71322a12b9259094d8cf3bc9e381a2413fdde14e69da62ec28c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
6093eccf-6734-4877-ac8b-83d6d0e27b46
age
0
x-guploader-uploadid
ADPycdtJouwu9P4QUKZCduFTAN5W7H8fT8qm8LN4ayK6wIW9sgMxLNsgiwr12kAnV4SOZ0kZvBnfD1c2EjeWLBr6AT0XTuwzEPw0
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Fri, 28 Apr 2023 13:25:03 GMT
server
cloudflare
etag
W/"675d43e148caf88b4ec6310636cd3069"
vary
Accept-Encoding
x-goog-generation
1682688303194256
content-type
application/javascript
x-goog-hash
crc32c=p5mNNw==, md5=Z11D4UjK+ItOxjEGNs0waQ==
cache-control
public, max-age=900
x-goog-stored-content-length
296521
timing-allow-origin
*
cf-ray
7c03e16bab6c715a-YUL
expires
Mon, 01 May 2023 00:39:15 GMT
freyr.js
freyr.futurecdn.net/ 		71 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freyr.futurecdn.net/freyr.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
63db600caaa5335f3270ba4ea9169793c61c827299e3d5b82521ae98d3f76cc0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 24 Apr 2023 13:39:01 GMT
etag
W/"64468675-11b38"
freyr-version
6.1.1
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-hw
1682900655.cds227.dc2.hn,1682900655.cds214.dc2.c
cache-control
max-age=1354
accept-ranges
bytes
content-length
17808
US.svg
vanilla.futurecdn.net/itpro/media/shared/img/flags/nosize/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/img/flags/nosize/US.svg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
c0a177730664a02710981330dacbe32e843153f32945016aa1e7b377ed4f9819
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1608587
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
424
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:50E4_00000000:0050_64367B24_30E618:0351
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:38:38 GMT
missing-image.svg
www.itpro.com/media/img/ 		274 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itpro.com/media/img/missing-image.svg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bea62015bf6a41d5e8d0dd77fdb6be95b7027a157fce018a452194afd6073b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Fri, 12 May 2023 09:34:28 GMT
date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
1608587
x-cache
HIT-CLUSTER
x-ftr-backend
varnish-leopard
x-age
0
x-ftr-cache-status
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
206
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-served-by
cache-lon4276-LON, cache-yul12823-YUL
x-ftr-request-id
00000000000000000000FFFF9D344529:7EB6_00000000000000000000FFFFB9711932:01BB_64367B24_1818454:35E8C9
last-modified
Tue, 11 Apr 2023 14:26:42 GMT
x-country-code-real
CA
x-timer
S1682900656.912314,VS0,VE2
etag
"64356e22-112"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-ftr-backend-server
vanilla-leopard-http-cache-prod-02
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-country-code
US
x-cache-hits
370, 1
hawklinks.js
search-api.fie.futurecdn.net/hl/es6/ 		201 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2bb1b8c31850a3f853a52dc7b42408fe48a3ba47646635a8c03cbaa44697992d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
608
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Tue, 25 Apr 2023 05:28:58 GMT
x-ftr-balancer
hawk-proxy-185-113-25-40
x-served-by
cache-lon420134-LON, cache-yul12824-YUL
x-ftr-request-id
00000000:FD30_00000000:01BB_64476069_1A74A3:0543
last-modified
Mon, 27 Mar 2023 11:07:55 GMT
x-timer
S1682900656.910450,VS0,VE0
etag
W/"6421790b-325fd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
52066
accept-ranges
bytes
x-cache-hits
26, 58
p.js
cdn.parsely.com/keys/itpro.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/itpro.com/p.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
bcbdd7d7e74de830df279c0d2483873aa056f06c6991b6a7201af89b0c9195ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:27:09 GMT
content-encoding
gzip
via
1.1 fe3f86f21d87c094c405e9e14c807538.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 19:21:25 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
50334
etag
W/"619404b5-c8a9"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
XEj-wXGqK2eIZme8LSYTY0LO1bCt-N9KDmIggBIiZfhiTVimnJj5SQ==
expires
Mon, 01 May 2023 10:25:21 GMT
flexisites.woff
vanilla.futurecdn.net/itpro/673941/media/fonts/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/fonts/flexisites.woff
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
2c6d13081750bfcfb93cb02b49b291d1055d5ec08d4e2e7ea8205b089c0ab390
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
207184
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
7037
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:7F62_00000000:0050_644BDD5E_760FB:2CD0
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
bordeaux.js
bordeaux.futurecdn.net/ 		294 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bordeaux.futurecdn.net/bordeaux.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
523a160b94aa60d4440a0f0cfcab996ea5af037a3be307f6a05c2f8d56ec7dc8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
bordeaux-version
latest
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 27 Mar 2023 14:21:15 GMT
etag
W/"6421a65b-499f6"
x-hw
1682900655.cds210.dc2.hn,1682900655.cds215.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
82967
champagne.js
champagne.futurecdn.net/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://champagne.futurecdn.net/champagne.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
fde3958fc7b3011078e5ee89f3eadb030b67d8c4592204641fb8d2063bf1ec2c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 15:30:00 GMT
champagne-version
latest
etag
W/"6388c878-aa0c"
x-hw
1682900655.cds169.dc2.hn,1682900655.cds225.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
14695
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Apr 2023 23:22:23 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3712
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 01 May 2023 01:22:23 GMT
door.js
uk-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/door.js?d=www.itpro.com&t=itprous
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-44.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
74bd1035789f07555db58f77ce20270fecc59b5b95077d69007eb0b9129af304

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
via
1.1 a1882a601559755135741e91a9f86c28.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
EWR52-C4
etag
".www.itpro.com.itprous.224.2023050100"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
yLiLlFZwF4dDzZgGZohzfqTReidYnSITk-fgXxQiUHvyabjj2msv3A==
flexi.js
vanilla.futurecdn.net/itpro/673941/media/shared/js/ 		126 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/js/flexi.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
89b70d3b42eeb21714ce9cd514bd659a16f36c8d46732e0c691e3607301ef903
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
207184
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
38929
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:EBCE_00000000:0050_644BDD5D_1BD4F4:2CD3
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
main.abcefa329387d8fe88e2.bundle.js
vanilla.futurecdn.net/itpro/673941/media/shared/js/ 		321 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
2ddc632c3a86aacb7dd2c6da2c0f1fd61e7e7ccdc74f310aae2cc85342cf7d3a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
207184
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
85122
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:6F45_00000000:0050_644BDD5F_1BD51B:2CD3
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 15:15:29 GMT
OpenSans-400-Regular.woff2
vanilla.futurecdn.net/itpro/673941/media/shared/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/fonts/OpenSans-400-Regular.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
207184
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
16743
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:EBD8_00000000:0050_644BDD5F_1BD51A:2CD3
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 15:15:29 GMT
OpenSans-700-Bold.woff2
vanilla.futurecdn.net/itpro/673941/media/shared/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/fonts/OpenSans-700-Bold.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
207184
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
16383
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:7697_00000000:0050_644BDD5F_A3CF0:2CD1
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 15:06:30 GMT
OpenSans-600-SemiBold.woff2
vanilla.futurecdn.net/itpro/673941/media/shared/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/fonts/OpenSans-600-SemiBold.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
207184
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
16819
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:A879_00000000:0050_644BDD5E_1BD4F5:2CD3
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
OpenSans-300-Light.woff2
vanilla.futurecdn.net/itpro/673941/media/shared/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/fonts/OpenSans-300-Light.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
25b0bc9dda8dd671aa7cc47201a3d2b019d51deb6c6cebe10c38ec352d4a1c96
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
207184
x-ftr-dc
uk-lon1
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
16835
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:73DD_00000000:0050_644BDD5F_67EE8:2EBA
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
itpro.min.css
vanilla.futurecdn.net/itpro/673941/media/css/ 		159 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/css/itpro.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
42659e10606682c6ced7d1c1a7b3fa923e173a60bece08b86acb5f4882111b7b
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
207208
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
114
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:DA11_00000000:0050_644BDD48_1BD2BB:2CD3
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
hlwce5dqzq4wsnmg-16040076574048-250-80.jpeg
mos.fie.futurecdn.net/logos/models/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mos.fie.futurecdn.net/logos/models/hlwce5dqzq4wsnmg-16040076574048-250-80.jpeg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
d81ecdfd770abb03106fc5106e92380e2ee6dc602ffdd25f3d6e2e622fdf5a10

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-ftr-cache-resized-status
MISS
age
362832
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
mos
content-length
14272
x-ftr-balancer
bulkproxyprodred
x-ftr-request-id
00000000:A89F_00000000:0050_5FA6F75D_383AF9:0C4B
last-modified
Thu, 29 Oct 2020 21:40:57 GMT
server
nginx
etag
"8d6a8139d9085d797db649ca8cd161d5"
content-type
image/jpeg
x-ftr-backend-server
mos05
cache-control
max-age=2592000
accept-ranges
bytes
x-ftr-cache-host
moscache05
expires
Fri, 26 May 2023 19:37:04 GMT
ccpa.76009a2b49e794158c69.bundle.js
cdn.privacy-mgmt.com/unified/4.8.0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/4.8.0/ccpa.76009a2b49e794158c69.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f724988664f7ff40306c2ae90a9e2b74521fbf937dce65fbc4ad9964008cb083

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 15:37:00 GMT
content-encoding
br
via
1.1 024ebcc63921610877d4ba277290628c.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 14:54:00 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
31637
etag
W/"a8966a38a0762b86f1b8b67f4adaa091"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
A3Fovu8ps8PPZc2zLc38RRfZHq0ufNZgi8aqmwCCLELno34iKRNhjw==
gdpr-tcf.c5f25289dc007b62e8a5.bundle.js
cdn.privacy-mgmt.com/unified/4.8.0/ 		86 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/4.8.0/gdpr-tcf.c5f25289dc007b62e8a5.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc9e81999967e8bfe66b3337896a3401cc0ed306c99243b4924207df749a012e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 15:37:00 GMT
content-encoding
br
via
1.1 024ebcc63921610877d4ba277290628c.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 14:54:00 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
31637
etag
W/"15f3926a82b36fd8dad9dee4b7bc2b9c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
bR0ELWVR8TzdvHjUpgqwm9pTnrAXnQPDMjRQHHvdPtTf2uz4BSmvGg==
get_site_data
cdn.privacy-mgmt.com/mms/v2/ 		203 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&account_id=200
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
/
Resource Hash
d759b229df277a372ecc833c0e5fe07ea087e7401077b7b8c5243d1849d7980d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-16-101
via
1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
XkmyP7AEtjgVTDGunU7WpqtzvTPwZj8YNyjMxifGMjAOwk_g2fiYlg==
gallery.e0bbe329a8970e4177fe.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/gallery.e0bbe329a8970e4177fe.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
704f059368f40ccce9f9cdb4f069e9cee17a6a12d4900f2391e5ac2ac7e8ddbe
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1608587
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
5041
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:7879_00000000:0050_64367B24_404AC4:0354
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:39:07 GMT
enlarge-images.1a0d0c1fecb4acb0fef3.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/enlarge-images.1a0d0c1fecb4acb0fef3.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
b0bcb9d0b9aec08cf95a638e8f7fa24ac816a914681cab567d4718e6af416616
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1608587
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
778
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:5106_00000000:0050_64367B25_404AD2:0354
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:34:29 GMT
fancy-box-resize.5a260cb5f1fd5d018fa5.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/fancy-box-resize.5a260cb5f1fd5d018fa5.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
3e65844ea3621494ec26acac0bed8f9d8caf18155dd94017baee84d41563041d
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1608587
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
869
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:C678_00000000:0050_64367B25_326142:0352
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:39:07 GMT
topics.71b67ce542657ad41ca9.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		813 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/topics.71b67ce542657ad41ca9.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
db20b4846e1b03778300d634e1a0a14cf4627c5a9baeca0a2032bff4a151e5ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1608587
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
487
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:510A_00000000:0050_64367B25_326145:0352
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:34:29 GMT
jwplayer-analytics.f09c837d4cf317bc6b66.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-analytics.f09c837d4cf317bc6b66.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
beec51606224f8fcc9f2cd7f9ce7da689352c54d81696a83ff950e3599860e34
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057692
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
1388
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:C5B1_00000000:0050_643EE314_15552CE:383E
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
jwplayer-autopause.2f0709ed947cc688d5b6.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-autopause.2f0709ed947cc688d5b6.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
522d33efcc61e39de38c61930d72f4d7352fb72b03b8641f0886d149b7a57b2c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057692
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
657
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:A568_00000000:0050_643EE312_15552CA:383E
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
jwplayer-sticky-desktop.147dc0f8715e81aca16a.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-sticky-desktop.147dc0f8715e81aca16a.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
2834f0efb72fb53a5fec863e6033556ede826fcf1a8b25757768fad523ff1dd6
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057627
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
2106
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:5183_00000000:0050_643EE352_23F58D6:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:53:24 GMT
jwplayer-sticky-mobile-editorial.78fd747e13679ab691cf.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-sticky-mobile-editorial.78fd747e13679ab691cf.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
5c5f0a61fbd5ffbf05e1585883a4c1264f396517cf5dc46a68bb0529230ae499
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057623
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
2887
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:B530_00000000:0050_643EE359_6136FC:0352
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
jwplayer-unmute.1f3f44a98f862518aab2.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-unmute.1f3f44a98f862518aab2.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
dde4edf8dc06e4c94cc42039e1dcef86bfc3114f550b9c6e6dcf3430a748990c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057693
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
1223
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:E2C2_00000000:0050_643EE312_69A234:0353
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:53:25 GMT
jwplayer-carousel-desktop-responsive.ba6ba5c75457b16c3d7c.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-desktop-responsive.ba6ba5c75457b16c3d7c.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
aaf6cd6b0a06166fdca3a5bf8dbbfe08dc2418c7b3bc4594c16bd5b2bbe3764a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057688
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
3731
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:A0CB_00000000:0050_643EE318_23F5718:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:53:25 GMT
jwplayer-carousel-mobile-responsive.f91cccb9d9c4b32015ed.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-mobile-responsive.f91cccb9d9c4b32015ed.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
7c3268909cac296c2ddd0fe17f4c92c4eabcdce66304365c02a99249e113fdf3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057688
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
5591
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:506F_00000000:0050_643EE316_23F5700:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:53:26 GMT
table-scroll.de29431e22229a66494f.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/table-scroll.de29431e22229a66494f.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
1ca312ab70201beee7a8aff0f20264fb1ad5fa37fe08d558d0f248259396bf9b
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057689
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
1415
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:A2DC_00000000:0050_643EE317_69A23E:0353
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 23:01:48 GMT
embed-resize.7f2210cf371ab2fd9e1e.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/embed-resize.7f2210cf371ab2fd9e1e.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
32bedf4fc89a1f0d1716659793930f2dfe6062b7fc1375ed620086811abd3019
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057689
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
673
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:67E2_00000000:0050_643EE316_23F5705:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
open-ahead-embeds.fb0f658d8327004e8e27.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/open-ahead-embeds.fb0f658d8327004e8e27.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
f28e998e72341f6e22102995edbda874f24f6c454ef90c4055d05c4643d45e2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057691
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
867
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:AE1F_00000000:0050_643EE311_23F56E2:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
suggestion-box.475bccaf934ab20cb47d.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/suggestion-box.475bccaf934ab20cb47d.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
349f3e2de5639697a9374bd7bc7eef5bf6f89436d74e6fdacd59424c1e050f1e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057689
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
2815
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:C5B1_00000000:0050_643EE314_15552D1:383E
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
nav-subscribe.3a2570e6f67fc78f8bcb.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/nav-subscribe.3a2570e6f67fc78f8bcb.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
e1b1d09e3cad033741bdeb24f33f0e5e41720e514e26b948dd39adb93e94f04e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1057691
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
1001
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:5049_00000000:0050_643EE312_23F56E6:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
rmS7PV5znhbE7vnZ2dsihZ-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/rmS7PV5znhbE7vnZ2dsihZ-970-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
a763d5f2f92cc0397ae006353d9ce89b360a076d6d5da7bfab268441798e3c77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1607873
xkey
/proof/rmS7PV5znhbE7vnZ2dsihZ.jpg
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
17972
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulkproxyprodred
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:7DA7_00000000:0050_64367DEE_54AF7:69B8
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
b7d98179dbee346813c076c074ad7e0e
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sun, 11 Jun 2023 10:11:45 GMT
4s5UJK6uGRMgFY4kyZePT4-970-80.png.webp
cdn.mos.cms.futurecdn.net/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/4s5UJK6uGRMgFY4kyZePT4-970-80.png.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
e258c1e6a4cd7231667857b35525e8349b4ad8dc54f1faa3a33e00ec353292f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1607873
xkey
/proof/4s5UJK6uGRMgFY4kyZePT4.png
x-ftr-dc
uk-lon2
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
87642
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulk-proxy-1
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:7646_00000000:0050_64367DEF_5AC9C:EEB9
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
deeefeccf205ca7526ff2d690bf50931
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sun, 11 Jun 2023 09:46:23 GMT
RfeAZnMsnRjGPFezWeNhe4-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/RfeAZnMsnRjGPFezWeNhe4-970-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
98cc3db651935ef90a59bb4cfc7092a3789e07e8f72f60204ec04a633d188d3e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1607873
xkey
/proof/RfeAZnMsnRjGPFezWeNhe4.jpg
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
6396
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulkproxyprodred
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:EDD6_00000000:0050_64367DED_54AE6:69B8
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
39649fcce9adb28527d7e0b6e472d3ed
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sun, 18 Jun 2023 17:52:03 GMT
TDddJPsRCmdrr35SdPri7g-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/TDddJPsRCmdrr35SdPri7g-970-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
12698cee8f38b06ef3fb5919100e727148d01bd21ffc08a73a363714f942dcfc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1607873
xkey
/proof/TDddJPsRCmdrr35SdPri7g.jpg
x-ftr-dc
uk-lon2
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
28582
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulk-proxy-1
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:6757_00000000:0050_64367DED_5AC8A:EEB9
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
573c95f9f631d9e2519831e5547f3132
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sun, 11 Jun 2023 09:46:23 GMT
PPkGvfbwS6oZMKbUEPhthT-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/PPkGvfbwS6oZMKbUEPhthT-970-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
d3fd0d32cf1665a7522326927a6887aeccbdadb3c86261cf59ae5ae480c27885

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1607873
xkey
/proof/PPkGvfbwS6oZMKbUEPhthT.jpg
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
16900
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulkproxyprodred
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:A958_00000000:0050_64367DEE_54AEE:69B8
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
40e9d12c8047250442925db89abdd163
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sun, 11 Jun 2023 09:46:23 GMT
DGFfndGudmnBZS5q3fET9b-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/DGFfndGudmnBZS5q3fET9b-970-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
7862958bb677f3951d21f8c0f30011b4e3fe2a3a63fbbbe5bbe322be6da77e61

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1607873
xkey
/proof/DGFfndGudmnBZS5q3fET9b.jpg
x-ftr-dc
uk-lon2
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
16616
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulk-proxy-1
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:E73F_00000000:0050_64367DEF_5AC96:EEB9
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
81a96e2bfc5adc198fa4939a3afe5514
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Fri, 16 Jun 2023 12:50:32 GMT
HcSdhSmD9jxnNPoycWtFuf-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/HcSdhSmD9jxnNPoycWtFuf-970-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
0b04613431b1edd6cd7f6c563217ecaec8350f2a141425dc6fb30e688d774a8c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1607873
xkey
/proof/HcSdhSmD9jxnNPoycWtFuf.jpg
x-ftr-dc
uk-lon2
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
13162
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulk-proxy-1
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:6757_00000000:0050_64367DEF_5AC99:EEB9
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
c7217f691afdc72d35000f52a4a52417
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sat, 17 Jun 2023 16:28:26 GMT
xzv2Re2dhcgVXQHFsQJabg-1200-80.png.webp
cdn.mos.cms.futurecdn.net/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/xzv2Re2dhcgVXQHFsQJabg-1200-80.png.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
6fbaf2336408c342199cb374b13009e6b7f5d51f8b3fc4d6737eb091b4316b18

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1608395
xkey
/proof/xzv2Re2dhcgVXQHFsQJabg.png
x-ftr-dc
uk-lon2
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
35000
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulk-proxy-1
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:AB03_00000000:0050_64367BE2_590BB:EEB9
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
5ae1501a520fde7dae79190ef03eae36
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sun, 11 Jun 2023 10:09:57 GMT
LXUGMsM76TZFUMCwm9Eu27-1200-80.png.webp
cdn.mos.cms.futurecdn.net/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/LXUGMsM76TZFUMCwm9Eu27-1200-80.png.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
aae46588e22c3f48aba79a31219636b6ba9f4797b400f3e78f35e75b353607c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1164767
xkey
/proof/LXUGMsM76TZFUMCwm9Eu27.png
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
26722
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulkproxyprodred
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:51F8_00000000:0050_643D40D0_4B34E3:34F7
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
baf744fbd88013abd7e72fabf57bbc72
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Fri, 16 Jun 2023 12:56:08 GMT
SCSrRdpJBGc6DocBHHS8jg-1200-80.png.webp
cdn.mos.cms.futurecdn.net/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/SCSrRdpJBGc6DocBHHS8jg-1200-80.png.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
28bc2280781d820509c72c551b779595cbd4a74126bb376d8feebd06a9b572f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1608509
xkey
/proof/SCSrRdpJBGc6DocBHHS8jg.png
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
22738
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulkproxyprodred
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:B7DA_00000000:0050_64367B71_52889:69B8
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
190399c8753dd8bc54009c1d20a7f1d4
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sun, 11 Jun 2023 09:38:07 GMT
aF9mPAcoG5EZwNgo6gNUBh-1200-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mos.cms.futurecdn.net/aF9mPAcoG5EZwNgo6gNUBh-1200-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.240.131.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8fc3f5c6ae75700026ae34a5f17d10c0814ff5703357e4e36fc7d29ff2abbb67

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
x-backend
default
x-svc-env
prod
age
1063749
xkey
/proof/aF9mPAcoG5EZwNgo6gNUBh.jpg
x-ftr-dc
uk-lon2
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
17770
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulk-proxy-1
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:A2B1_00000000:0050_643ECB68_635C2F:11D88
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
b89f1caab0a2f696f1a8e556466b9088
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sat, 17 Jun 2023 16:59:14 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1682900656245&plid=46795&idsite=itpro.com&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&sref=&sts=1682900656231&slts=0&title=6+of+the+best+free+malware+removal+tools+for+SMBs+in+2023+%7C+ITPro&date=Mon+May+01+2023+00%3A24%3A16+GMT%2B0000+(GMT)&action=pageview&pvid=11935003&u=pid%3D460d4b230d22c9d8053d856606082d44
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:16 GMT
Cache-Control
no-cache
Last-Modified
Monday, 01-May-2023 00:24:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
publisher:getClientId
ampcid.google.com/v1/ 		74 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
hybrid_id
ads.servebom.com/ 		43 B
354 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servebom.com/hybrid_id
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
189b878931763a0d99110db261a60447809619f65ce14def44fdeee8a6cd328a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://www.itpro.com
date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
69
x-hw
1682900656.cds198.dc2.hn,1682900656.cds004.dc2.sc,1682900656.cds004.dc2.p
content-type
application/json
/
sommelier.futurehybrid.tech/config/ 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sommelier.futurehybrid.tech/config/?r=163&tpl=article&l=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&sw=1600
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.6.168.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-168-233.compute-1.amazonaws.com
Software
/
Resource Hash
c553b9905b4f3e780c458c3d71ad585ab5048a217d5c9bc2d06d28010863f182
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:24:16 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
popularBox.js
slice.vanilla.futurecdn.net/11-0-2/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slice.vanilla.futurecdn.net/11-0-2/js/popularBox.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e25463f998d8185abfd114fc94abb218682898b619c3d3721adf375ffb95b162
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
555909
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4532
x-served-by
cache-yyz4520-YYZ
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-ftr-request-id
00000000000000000000FFFF9D344016:1D90_00000000000000000000FFFFB9711932:01BB_64468B26_152DEAA:96EBD
last-modified
Mon, 24 Apr 2023 10:01:12 GMT
x-timer
S1682900656.434678,VS0,VE0
etag
W/"36a1-187b2b5d208"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
3869
localeSelector.js
slice.vanilla.futurecdn.net/11-0-2/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slice.vanilla.futurecdn.net/11-0-2/js/localeSelector.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eed684f280f990b072c6578a25b58f40da97c72120c8863ca5e21991a7ab1067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
555910
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7216
x-served-by
cache-yyz4520-YYZ
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-ftr-request-id
00000000000000000000FFFF9D34403F:B364_00000000000000000000FFFFB9711932:01BB_64468B26_152DE98:96EBD
last-modified
Mon, 24 Apr 2023 10:01:12 GMT
x-timer
S1682900656.434462,VS0,VE0
etag
W/"5f41-187b2b5d208"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
12031
regionRedirectBanner.js
slice.vanilla.futurecdn.net/11-0-2/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slice.vanilla.futurecdn.net/11-0-2/js/regionRedirectBanner.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be6df29fec7557868e70308f8e4c492a8e941e0c44b6f88ce6176021b1ea257c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
555907
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1521
x-served-by
cache-yyz4520-YYZ
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-2
x-ftr-request-id
00000000000000000000FFFF9D344029:3F16_00000000000000000000FFFFB9711938:01BB_64468B26_28F2DD7:35295F
last-modified
Mon, 24 Apr 2023 10:01:12 GMT
x-timer
S1682900656.434670,VS0,VE0
etag
W/"e78-187b2b5d208"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
12556
meta-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=200&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=30869&ch=null&scriptVersion=4.8.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
76235
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 30 Apr 2023 03:13:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-id
Vvuc4XO4uPQ0ppWWFkPpATCu7WgYYsYCM7cn1Z_2RYUMYVtjGi4yLA==
x-amz-cf-pop
JFK50-P7
x-cache
Hit from cloudfront
x-powered-by
Express
meta-data
cdn.privacy-mgmt.com/wrapper/v2/ 		300 B
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=200&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=30869&ch=null&scriptVersion=4.8.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
b1d77ba56a8929ba032798cc5c16af6a4c3bf5ecbcd8549bb32fdcf479e121ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 23:55:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
1703
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
300
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
15I9OoS-_dc_Pi_KWHj8wqV5PE6zLzh1FEDBYgTM9885_Zkcy8K7Ng==
f563efa7-d7f4-463d-9955-39f9271dd2ab
https://www.itpro.com/ 		553 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.itpro.com/f563efa7-d7f4-463d-9955-39f9271dd2ab
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6c79b5559654c57bb181aebc74a4687abf0d9f5e64fd75ddaf9b612ee829e7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
565950
Content-Type
translations.php
search-api.fie.futurecdn.net/ 		32 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/translations.php?language=en-CA
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95c832d87d667c2fffc317d8723616f857790b346aa0b493d37cb9bd6d145cdd
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
691
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-api
x-ftr-cache-status
HIT
content-length
10408
x-ftr-expires
Mon, 01 May 2023 00:32:45 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawkproxyprodred
x-served-by
cache-lon420111-LON, cache-yul12833-YUL
x-ftr-request-id
00000000:73F0_00000000:01BB_644F03FD_4AC8FE2:7967
x-timer
S1682900657.514857,VS0,VE0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits
1, 60
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
messages
cdn.privacy-mgmt.com/wrapper/v2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A200%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
fea6457068b0f1ca04d4da2b83244d4bb6584345be8f9a97ca8f1b253cfd25a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
kWt9zTONpoPXAu0Biw5mO4NB_qJr0tR2FT2AMzlzHDNh4ntrx7i1Cg==
messages
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A200%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 01 May 2023 00:24:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-id
irzz05DEWfEmaEpMatMU6VmAaxMEIIaVaIgjeyRSBOu91rLDBIw-4g==
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
x-powered-by
Express
setup-model.js
search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/ 		112 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/setup-model.js
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f850b873a6a2db355fec9fbaaa13b585498b128c72f877ef0a75f3f1749b089
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
298592
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Fri, 26 Apr 2024 13:27:44 GMT
x-ftr-balancer
hawk-proxy-185-113-25-36
x-served-by
cache-lon420133-LON, cache-yul12830-YUL
x-ftr-request-id
00000000:3C46_00000000:01BB_644A7850_13CBF5B:5C9E
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682900657.561896,VS0,VE0
etag
W/"644a4d47-1bec2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
content-length
28540
accept-ranges
bytes
x-cache-hits
1, 9205
setup-seasonal.js
search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/setup-seasonal.js
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
072b55359f2331e73f47f41e96fe5c7d640eaee1a1343d81e9c59477bbaf636f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
298592
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Fri, 26 Apr 2024 13:27:44 GMT
x-ftr-balancer
hawkproxyprodblue
x-served-by
cache-lon4246-LON, cache-yul12830-YUL
x-ftr-request-id
00000000:3B9A_00000000:01BB_644A784D_9CB400:6C1F
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682900657.562803,VS0,VE0
etag
W/"644a4d47-8b0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
content-length
977
accept-ranges
bytes
x-cache-hits
1, 10515
YYRngYhb
cdn.jwplayer.com/v2/playlists/ 		43 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/YYRngYhb
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-desktop-responsive.ba6ba5c75457b16c3d7c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:8a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
cbbb94fc3e4ec8c15701ce42f592ec52388864b324086e8c541792c9d0df5bc6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
6275
x-amz-cf-id
gt135OXD4zYfqMpH88pXr7KqDWdlHupPR9ZKBK4nEiaXrRuuISwAvQ==
expires
Mon, 01 May 2023 00:26:24
aWeJUC35.js
content.jwplatform.com/libraries/ 		119 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/aWeJUC35.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-desktop-responsive.ba6ba5c75457b16c3d7c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a09bd89b87d2bd81605ca782ebae0be305c86773542f899170a57a78b0e19cc9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
44670
x-amz-cf-id
jPc7WVyNfkoLrOtiaMnNWsBQyn4llCsUI0Fh8M73On_HDc1KWb5Cag==
seasonal.php
search-api.fie.futurecdn.net/ 		58 B
729 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/seasonal.php?article_type=buying_guide&article_category=retail&language=en-CA&site=ITPRO&device=desktop&origin=widgets-clientside
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8feb88d54326d8b62ded416cc77970ca3939ef3c293e14d45cce83ef1d965783
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
226
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, MISS
x-ftr-realm
pip
x-ftr-backend
fie-api
x-ftr-cache-status
HIT
content-length
55
x-ftr-expires
Mon, 01 May 2023 00:40:30 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawk-proxy-185-113-25-40
x-served-by
cache-lon420138-LON, cache-yul12833-YUL
x-ftr-request-id
00000000:886E_00000000:01BB_644F0632_30FD1EE:0543
x-timer
S1682900657.623573,VS0,VE92
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits
1, 0
widget.php
search-api.fie.futurecdn.net/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/widget.php?model_name=TechRadar%20Magazines&article_type=buying_guide&article_category=retail&language=en-CA&site=ITPRO&filter_product_types=deals%2Csubscriptions&rows=1&device=desktop&origin=widgets-clientside
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
02772bffc82945302ae3bee646123b6a2bd2e7d37e50aee168251197c0ee12c2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
225
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, MISS
x-ftr-realm
pip
x-ftr-backend
fie-api
x-ftr-cache-status
HIT
content-length
1395
x-ftr-expires
Mon, 01 May 2023 00:40:31 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawkproxyprodred
x-served-by
cache-lon4274-LON, cache-yul12833-YUL
x-ftr-request-id
00000000:5444_00000000:01BB_644F0632_4ADAF13:7967
x-timer
S1682900657.628956,VS0,VE79
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits
1, 0
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.itpro.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:24:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-id
BtDMWXF17t5rBER4Q8D2ZOidlmKrn-qFX3nyBREHTZeF-d56U5STSw==
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.itpro.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:24:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-id
732sYeLjhjsW0T7uOQEPCRmwE6GeORDnoAt4kK9S7FS7D3Wty0J_Kw==
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
x-powered-by
Express
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 May 2023 00:24:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
lgRMvM7XYT2YswdHn1bqjMvrX13Ufe5QyYGDeeM6bIYd1jNsGhFnHeGqP+SroDUJFC1EQ7wg7EHt6ysxwTM9uA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
hit.gif
uk-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uk-script.dotmetrics.net/hit.gif?id=12368&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&dom=www.itpro.com&r=1682900656624&pvs=1&pvid=81c2264b-dffe-4f3b-ac2d-89aada47b85c&c=true&tzOffset=0&doorUrl=http%3a%2f%2fuk-script.dotmetrics.net%2fdoor.js%3fd%3dwww.itpro.com%26t%3ditprous
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-44.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
dotmetrics-hit-status
01 OK
via
1.1 a1882a601559755135741e91a9f86c28.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
EWR52-C4
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
y_4XyHlia7L1S3_92UKUa_cBix8VZRIazIcUPFmOtUSREkkZdfcOAQ==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=12368&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&dom=www.itpro.com&r=1682900656624&pvs=1&pvid=81c2264b-dffe-4f3b-ac2d-89aada47b85c&c=true&tzOffset=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:f000:d:5ce3:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:44:01 GMT
via
1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
67216
x-amz-server-side-encryption
AES256
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
fawtdaqawU_Kbc3A-BUdABJYWvikfMTpH77QECbc81w0W5nz0xWrEA==
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ 		190 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
44c61df2e983d2ed1669f0d9552bd3ebe0c9aec437821914516ee5affa7c5d45
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
190
x-amz-cf-id
8RovaeLI5KrdvGfptB1vBSYCbNbi4R4rKKhRamf-M3goQyREu5qVDQ==
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ 		195 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-20.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
173af91088314cc34d9c86e0f3c5dbef92ef392c26e084314dd3604cc6567b9b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 75b993b111cd9fbf19d5284ea3de78ec.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
195
x-amz-cf-id
Acy782W3--PMlPxKeAMFYBpwyEVywpFpt8Tk_5rfya6Gb3wDLaib0Q==
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1011119-1&cid=177419201.1682900657&jid=1094625028&gjid=1811703746&_gid=36470777.1682900657&_u=aGBAgEABBAQCAEAAI~&z=1528599523
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 01 May 2023 00:24:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1267059334&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&ul=en-us&de=UTF-8&dt=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABBAQCAAAAI~&jid=1094625028&gjid=1811703746&cid=177419201.1682900657&tid=UA-1011119-1&_gid=36470777.1682900657&cd57=null&cd40=6_of_the_best_free_malware_removal_tools_in_2023&cd41=Malware%7CTool%7CFreeware%7CFree_software&cd42=Software&cd43=Microsoft%7CMalwarebytes%7CAvast%7CBitdefender&cd45=6_of_the_best_free_malware_removal_tools_in_2023&cd46=Malware&cd47=6_of_the_best_free_malware_removal_tools_in_2023&cd50=6&cd51=false&cd58=Malware%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd5=itpro-pages-28083&cd7=connor_jones&cd99=0&cd128=08-03-2019&cd1=buying-guide&cd2=&cd3=malware%7Csecurity&cd6=%7Caccess-metered%7Csourcesocial%7Cserversidehawk&cd8=08-03-2019&cd27=673941&cd33=text%2Ctext%2Ctext%2Cembed%2Ctext%2Ctext%2Cheading%2Cimage%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Cheading%2Cimage%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Cheading%2Cimage%2Cboxout%2Ctext%2Ctext%2Ctext%2Ctext%2Cheading%2Cimage%2Ctext%2Ctext%2Ctext%2Ctext%2Cheading%2Cimage%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Cheading%2Cimage%2Ctext%2Ctext%2Ctext&cd53=2019-03-08T12%3A12%3A00Z&cd61=pageLoad&cd95=buying-guide&cd106=0&cd126=en&cd127=GB%7CUS&cd134=accessmetered%7Csourcesocial%7Cserversidehawk&cd31=9.3&cd30=4g&cd70=SIGNUP%20-%20Side%20Bar%3A1&z=1708410484
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 10:04:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51560
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1267059334&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&ul=en-us&de=UTF-8&dt=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=future_id&ea=set%20hybrid_id&el=&_u=aGBAgEABBAQCAEAAI~&jid=&gjid=&cid=177419201.1682900657&tid=UA-1011119-1&_gid=36470777.1682900657&cd57=null&cd40=6_of_the_best_free_malware_removal_tools_in_2023&cd41=Malware%7CTool%7CFreeware%7CFree_software&cd42=Software&cd43=Microsoft%7CMalwarebytes%7CAvast%7CBitdefender&cd45=6_of_the_best_free_malware_removal_tools_in_2023&cd46=Malware&cd47=6_of_the_best_free_malware_removal_tools_in_2023&cd50=6&cd51=false&cd58=Malware%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd5=itpro-pages-28083&cd7=connor_jones&cd99=0&cd128=08-03-2019&cd1=buying-guide&cd2=&cd3=malware%7Csecurity&cd6=%7Caccess-metered%7Csourcesocial%7Cserversidehawk&cd8=08-03-2019&cd27=673941&cd33=text%2Ctext%2Ctext%2Cembed%2Ctext%2Ctext%2Cheading%2Cimage%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Cheading%2Cimage%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Cheading%2Cimage%2Cboxout%2Ctext%2Ctext%2Ctext%2Ctext%2Cheading%2Cimage%2Ctext%2Ctext%2Ctext%2Ctext%2Cheading%2Cimage%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Cheading%2Cimage%2Ctext%2Ctext%2Ctext&cd53=2019-03-08T12%3A12%3A00Z&cd61=pageLoad&cd95=buying-guide&cd106=0&cd126=en&cd127=GB%7CUS&cd134=accessmetered%7Csourcesocial%7Cserversidehawk&cd31=9.3&cd30=4g&cd70=SIGNUP%20-%20Side%20Bar%3A1&cd77=C4D23FADB0DD48F690334327BB251A4D&z=776787795
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 10:04:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51560
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pxid
6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co/v2.0/ 		46 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co/v2.0/pxid?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e677777de8b8e8c50487abe6e0605f67605f5bb77e2c272d90280da1e1876dbd

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:16 GMT
AN-X-Request-Uuid
d10a1302-33e6-4fdc-adec-51ebb4c668d4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.itpro.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6093eccf-6734-4877-ac8b-83d6d0e27b46-models.bin
cdn.permutive.com/models/v2/ 		285 KB
197 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/6093eccf-6734-4877-ac8b-83d6d0e27b46-models.bin
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3089fe7fc34e4d38d5218b461fcd42d73e882807a712559dd7d443d21ac04903

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
6093eccf-6734-4877-ac8b-83d6d0e27b46
age
0
x-guploader-uploadid
ADPycds-Y3alReE43_gQ2r6pF0C31vYqNBVO4MzXdJV8tfndMSSdOE0yBkw4Q0U8NEHAffCq7Su7gAE1yIzy0uHILCDii9XKECYV
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
201275
last-modified
Sun, 30 Apr 2023 06:02:58 GMT
server
cloudflare
etag
"3ab55f91d14cc60b2adf7155b253ac48"
vary
Accept-Encoding
x-goog-generation
1682834578614135
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=pT8GjA==, md5=OrVfkdFMxgsq33FVslOsSA==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
201275
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c03e1708ebd544f-YYZ
expires
Mon, 01 May 2023 00:09:32 GMT
geoip
api.permutive.com/v2.0/ 		249 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
65e46732d0930db4f321ac805a0838672ce0345e7590a32b66c6ef879fd65147

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
watson
api.permutive.com/v2.0/ 		274 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
762ddcc06aebec529c7b40412fa4a0348c6146ba2771aaacdace42808cf4291a

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
218
99dee449-2c89-402c-bdd6-1fe927cf2f30
https://www.itpro.com/ 		553 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.itpro.com/99dee449-2c89-402c-bdd6-1fe927cf2f30
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6c79b5559654c57bb181aebc74a4687abf0d9f5e64fd75ddaf9b612ee829e7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
565950
Content-Type
merchant-domains.php
search-api.fie.future.net.uk/ 		565 KB
97 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.future.net.uk/merchant-domains.php?site=ITPROUS
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.113.25.52 London, United Kingdom, ASN20596 (FUTURE, GB),
Reverse DNS
Software
/
Resource Hash
5e366d7645d927d35d78aabdea884608aa387397bded98bc84446bf79f0779e6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:16:01 GMT
Content-Encoding
gzip
X-Hawk-Country
Age
495
X-Hawk-Area
CA
X-FTR-DC
IX
X-FTR-Realm
pip
X-FTR-Backend
fie-api
X-FTR-Cache-Status
HIT
Content-Length
98725
X-FTR-Expires
Mon, 01 May 2023 00:36:01 GMT
X-FTR-Balancer
hawk-proxy-185-113-25-36
X-FTR-Request-ID
00000000:927C_00000000:01BB_644F06B0_18A7954:5C9D
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8;
Access-Control-Allow-Origin
*
X-FTR-Backend-Server
fievarnishprodred
Cache-Control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
2482549652030483
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2482549652030483?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2db6fe3b00487f7179554094a5ba066752fbfd1fd23d5ee85c79f092a626938
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 May 2023 00:24:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110247
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
eYX2h/rCa/1puswYfM67INPLJNSEJI9x9nzrM6HiHk6speLC473d2v5DguhAV488UE5XqzKChHaluXZsQFXwug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
script.js
uk-script.dotmetrics.net/Scripts/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/Scripts/script.js?v=224
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/door.js?d=www.itpro.com&t=itprous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-44.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
69bc6a7d93e0fb524d0872c1be88834c14147d5ae7da3c71fdeb7574359ea9ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
via
1.1 a1882a601559755135741e91a9f86c28.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 07:17:58 GMT
server
Kestrel
x-amz-cf-pop
EWR52-C4
etag
"1d97421661c9589"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
9bhn1kerzUCDf_MJubCVRbLD7ZEIu8rTlxp8JMWYZt66WXcZLJeDeg==
inference.js
ssl.p.jwpcdn.com/player/plugins/inference/v/0.7.1/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/plugins/inference/v/0.7.1/inference.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3b17f9af560b005fba3b568590792d952f2bd4a9e5cfe0357b0ecdd545ca16c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 varnish
age
18030886
x-cache
HIT
content-length
5464
x-served-by
cache-yyz4534-YYZ
last-modified
Mon, 04 Oct 2021 07:39:43 GMT
server
AmazonS3
x-timer
S1682900657.839319,VS0,VE0
etag
"a777fcd9584e62f04dc53d548d8adb31"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
accept-ranges
bytes
x-cache-hits
117876
googima.js
ssl.p.jwpcdn.com/player/v/8.26.9/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/googima.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a7a659a1b8a811f331f5b6fd5d0eed07a4ce6d43adbf7be275edeb526553b7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 varnish
age
14035
x-cache
HIT
content-length
21872
x-served-by
cache-yyz4534-YYZ
last-modified
Mon, 27 Mar 2023 20:13:26 GMT
server
AmazonS3
x-timer
S1682900657.840184,VS0,VE0
etag
"19040322fd3ffc0e16b5d36646e6f667"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
9885
bidding.js
ssl.p.jwpcdn.com/player/v/8.26.9/ 		355 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66732ac5ea743b7c5041ea968062eb32ade9edd4d26dc934388b4f0f222c8a75

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 varnish
age
2831
x-cache
HIT
content-length
113784
x-served-by
cache-yyz4534-YYZ
last-modified
Mon, 27 Mar 2023 20:13:13 GMT
server
AmazonS3
x-timer
S1682900657.840144,VS0,VE0
etag
"0e0ed37fc1127ef6ecd88c4de7f72ef7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
503
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.26.9/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adcc812e959337ea806767e296146eae68f9abbb9f196cdb732626bb943a1c27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 varnish
age
655
x-cache
HIT
content-length
19101
x-served-by
cache-yyz4534-YYZ
last-modified
Wed, 26 Apr 2023 15:46:14 GMT
server
AmazonS3
x-timer
S1682900657.840103,VS0,VE0
etag
"091cf336ba8e3328147ba88e7a9ff40c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
689
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.26.9/ 		316 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/jwplayer.core.controls.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35334400bec8f4c230e7b91c17c4cc96e17caebb6e144bf43dab0e57c4cf90e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 varnish
age
2865238
x-cache
HIT
content-length
84566
x-served-by
cache-yyz4534-YYZ
last-modified
Mon, 27 Mar 2023 20:13:21 GMT
server
AmazonS3
x-timer
S1682900657.840081,VS0,VE0
etag
"3c5ff110bccc0950103d3f24d854eac2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
184305
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.26.9/ 		384 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c5a33eaec1f774cc6795ae95883441e2b5a34794d5a7ac2780e3fd7e55a0544

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 varnish
age
2865237
x-cache
HIT
content-length
114232
x-served-by
cache-yyz4534-YYZ
last-modified
Mon, 27 Mar 2023 20:13:23 GMT
server
AmazonS3
x-timer
S1682900657.840039,VS0,VE0
etag
"f8f2c425fdf03e4ff59fcf93935a5461"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
115788
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
974eb8ae30d7f16b36951d2587ee3e0b7d5f1c7fe3dddcf404379c019882faad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24755
x-xss-protection
0
server
cafe
etag
2 / 19478 / m202304250101 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 May 2023 00:24:16 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 28 Apr 2023 20:15:41 GMT
Content-Encoding
gzip
Via
1.1 c2439c5d69ec72a2ab666c2eba104244.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P8
Age
187716
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
MTZuk7mUpaJdn0ZhSnI3DXOrGh54e4EnHZuYKvpCmykmAtf08hqXuA==
[request].97fa6f1a01a3ed09615a.js
bordeaux.futurecdn.net/ 		303 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
82061d5aac200e4ae6e6beca7e5361b0971f08d848febb283e8e18e62f3383a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
bordeaux-version
latest
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 27 Mar 2023 14:21:15 GMT
etag
W/"6421a65b-4bdd4"
x-hw
1682900656.cds031.dc2.hn,1682900656.cds215.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
97586
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1011119-1&cid=177419201.1682900657&jid=1094625028&_u=aGBAgEABBAQCAEAAI~&z=1958446728
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1011119-1&cid=177419201.1682900657&jid=1094625028&_u=aGBAgEABBAQCAEAAI~&z=1958446728
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
promotion.js
search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/promotion.js
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6f30512918099b651f305fa9c9c508b9e10ba105f0e89d8ad6af79c19bea1a4e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
298591
x-hawk-area
CA
x-ftr-dc
IX
x-cache
MISS, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
content-length
1217
x-ftr-expires
Fri, 26 Apr 2024 13:27:44 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawk-proxy-185-113-25-40
x-served-by
cache-lon4279-LON, cache-yul12829-YUL
x-ftr-request-id
00000000:9DBE_00000000:01BB_644A7853_B0A897:0542
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682900657.923945,VS0,VE0
etag
W/"644a4d47-10ac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges
bytes
x-cache-hits
0, 6870
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
eead96b8fdc985531b5713ce6cf044b1c4a17d17b5a51d80a19a85bff39e681a

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
apstag.js
c.amazon-adsystem.com/aax2/ 		227 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:15:42 GMT
content-encoding
gzip
via
1.1 7a887c7cb9fe4a7abca02d85e8b196e8.cloudfront.net (CloudFront), 1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:17 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, JFK50-P3
age
516
x-amz-server-side-encryption
AES256
etag
W/"644915d59292b7496ff86a0d2c460fce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
Yn80HCgUMW3lGIJJg4D5EpdnLalQBQHJmwGlEJdRUAk-UAMUKlShtA==
ats.js
ats-wrapper.privacymanager.io/ats-modules/f49514fe-dcca-4424-be6a-9f85d01f1ce1/ 		346 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f49514fe-dcca-4424-be6a-9f85d01f1ce1/ats.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5756f0c3ffdb3158a395092934f42c6b5aadc1045553ca68fe6ad29eac76d53f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:12:39 GMT
x-amz-version-id
yq22de.DbHXb2TYKtB.OsGDnzs6wgRjd
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 08:56:57 GMT
server
AmazonS3
via
1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"18771779d5daf599c4df7511f16e41a4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
age
699
x-amz-cf-id
RzPlFrYijN1AazX9aDtuK57x3sFrKB0upNkIaopoaEXJK_XSoAfKyw==
seasonal.js
search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/seasonal.js
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
299182523432e90745bd30b529ed1bc58a9df3b181eedadc8ceec28516f9605d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:16 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
298592
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
content-length
993
x-ftr-expires
Fri, 26 Apr 2024 13:27:44 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawk-proxy-185-113-25-40
x-served-by
cache-lon420147-LON, cache-yul12829-YUL
x-ftr-request-id
00000000:A1A6_00000000:01BB_644A7850_15113A0:0543
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682900657.958777,VS0,VE0
etag
W/"644a4d47-8ee"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges
bytes
x-cache-hits
1, 10618
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2482549652030483&ev=PageView&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&rl=&if=false&ts=1682900656967&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682900656965.1686365121&it=1682900656745&coo=false&rqm=GET
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 May 2023 00:24:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
wRvAOEYoEeyfkEbo2AynAw.json
entitlements.jwplayer.com/ 		69 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/wRvAOEYoEeyfkEbo2AynAw.json
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.228 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79D9) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
last-modified
Sun, 30 Apr 2023 22:02:52 GMT
server
ECAcc (nya/79D9)
age
8485
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=17880
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5b6d68ab32f145ca17f333ff43a2644b69887fbec215cb00a09cfc5ecc806b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123415
x-xss-protection
0
expires
Mon, 01 May 2023 00:24:17 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 22:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
8396
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 29 Apr 2024 22:04:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		277 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.itpro.com&ppc_eid=44790324
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9723eb6a9705346630fe4eac739c8af6eca11ae57393d45c95bce048231427d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167
x-xss-protection
0
expires
Mon, 01 May 2023 00:24:17 GMT
audiences
api.permutive.com/audience-matching/v1/id/091cde89-731b-4c81-bd05-0150d761a6a5/ 		12 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/091cde89-731b-4c81-bd05-0150d761a6a5/audiences?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:24:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1267059334&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&ul=en-us&de=UTF-8&dt=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Affiliates&ea=Hawk%20appeared&el=%7B%22promotion%22%3A1%2C%22seasonal%22%3A1%7D&_u=6GDAAEABBAQCAGAAI~&jid=1708805460&gjid=236624766&cid=177419201.1682900657&tid=UA-1011119-1&_gid=36470777.1682900657&_r=1&cd40=6_of_the_best_free_malware_removal_tools_in_2023&cd41=Malware%7CTool%7CFreeware%7CFree_software&cd42=Software&cd43=Microsoft%7CMalwarebytes%7CAvast%7CBitdefender&cd45=6_of_the_best_free_malware_removal_tools_in_2023&cd46=Malware&cd47=6_of_the_best_free_malware_removal_tools_in_2023&cd50=6&cd58=Malware%7CSecurity&cd10=EN-US&cd5=itpro-pages-28083&cd7=connor_jones&cd99=0&cd128=08-03-2019&cd1=buying-guide&cd3=malware%7Csecurity&cd6=%7Caccess-metered%7Csourcesocial%7Cserversidehawk&cd8=08-03-2019&cd27=673941&cd33=null&cd53=2019-03-08T12%3A12%3A00Z&cd61=pageLoad&cd95=buying-guide&cd106=0&cd126=en&cd127=GB%7CUS&cd134=accessmetered%7Csourcesocial%7Cserversidehawk&cd31=9.3&cd30=4g&cd70=SIGNUP%20-%20Side%20Bar%3A1&cd12=null&cd14=null&cd16=null&cd17=2&cd25=null&cd37=null&cd48=null&cd60=null&cd65=null&cd66=null&cd73=null&cd75=null&cd76=null&cd84=null&cd90=null&cd105=null&cd111=null&cd115=null&cd116=null&cd117=null&cd118=null&cd122=null&cd124=null&cd125=null&cm1=1822&cm3=762.7000007629395&cm27=13525&z=547792875
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ramp
ads.servebom.com/ 		459 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servebom.com/ramp?r=662&o={%22f%22:1,%22p%22:null,%22l%22:%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools%22,%22tt%22:%226%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro%22,%22fs%22:0,%22t%22:%222023-05-01%2000:24:17%22,%22tz%22:0,%22r%22:%221600x1200%22,%22pam%22:%22allowed%22,%22gdprConsent%22:null,%22ccpa%22:null,%22g%22:[],%22a%22:[{%22s%22:%22/10518929/itpro.co.uk/itpro_preroll_carousel%22,%22z%22:[540,304],%22d%22:%22video_content_212%22,%22g%22:{},%22refresh%22:1}],%22ex%22:[]}&uuid=1d47934812f945638a6d937f1643d340&at=v
Requested by
Host: champagne.futurecdn.net
URL: https://champagne.futurecdn.net/champagne.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
19a53e415b0747eee5b62eb7f9b7438e5505a519a885ba295250786870db18d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-hw
1682900657.cds198.dc2.hn,1682900657.cds218.dc2.sc,1682900657.cds218.dc2.p
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.itpro.com
content-type
text/plain
access-control-allow-credentials
true
timing-allow-origin
*
content-length
303
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:58:58 GMT
x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
77120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
J7KjPJOKpnkfiSZpUPSMSNMsGqZu-wjQXruzC5G0sHJq5GV1wp0npA==
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3032&u=https%3A%2F%2Fwww.itpro.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 23:43:58 GMT
via
1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
2419
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.itpro.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
K2b_r2PLh5BTsBTvO_yr9XJ1mWlq6ADrbGYLxCjLzv-26-qDfCfBLA==
bid
aax.amazon-adsystem.com/e/dtb/ 		206 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3032&u=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&pid=Gcdc68XjobmOV&cb=0&ws=1600x1200&v=23.426.459&t=5000&slots=%5B%7B%22id%22%3A%22videoSlot%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.94.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-94-225.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
2c13b0d3ada46df2a5e9cc86cf0b299f7cc8fe097fc13d23179f649f60afbcd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
2A4XMDE42KC8MJ8S2B5A
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
206
x-amz-cf-id
8PSQ1qYIlNRL_O1erNMIyvJ6a8ooj1Mz4tgmblAcBigWJEZeLkLpkg==
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1011119-1&cid=177419201.1682900657&jid=1708805460&gjid=236624766&_gid=36470777.1682900657&_u=6GDAAEABBAQCAGAAI~&z=104714716
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 01 May 2023 00:24:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
SiteEvent.dotmetrics
uk-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTIzNjgsImZsIjp0cnVlLCJkb20iOiJ3d3cuaXRwcm8uY29tIiwibHNvIjpudWxsLCJ1cmwiOiJodHRwczovL3d3dy5pdHByby5jb20vc2VjdXJpdHkvbWFsd2FyZS8yODA4My9iZXN0LWZyZWUtbWFsd2FyZS1yZW1vdmFsLXRvb2xzIiwicnVybCI6IiIsInB2aWQiOiI4MWMyMjY0Yi1kZmZlLTRmM2ItYWMyZC04OWFhZGE0N2I4NWMiLCJ0ek9mZnNldCI6MCwib3NzIjp0cnVlLCJvc2VzIjp0cnVlfQ%3D%3D&r=1682900657275
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/Scripts/script.js?v=224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-44.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
9f7514fc64cd9811b18074e9b763cf7ee8cef0d788a5276fe35fc3e4055fd70a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
br
via
1.1 a1882a601559755135741e91a9f86c28.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
EWR52-C4
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
QtD7sL_dMZhI_juOv9enBzJSRTPcAd2HfmPpkD3ztDCyqwl9tb0NKw==
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1011119-1&cid=177419201.1682900657&jid=1708805460&_u=6GDAAEABBAQCAGAAI~&z=1289789321
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1011119-1&cid=177419201.1682900657&jid=1708805460&_u=6GDAAEABBAQCAGAAI~&z=1289789321
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment
api.permutive.com/adv/v2/ 		30 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:24:17 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2482549652030483&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&rl=&if=false&ts=1682900657365&cd[segment_id]=73403&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682900656965.1686365121&it=1682900656745&coo=false&rqm=GET
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 May 2023 00:24:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
Artemis
aud.pubmatic.com/AdServer/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D89871%2C94788
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D89871%2C94788&rdf=1
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,94788
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,94788
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
8.28.7.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,94788
date
Mon, 01 May 2023 00:24:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
segment
api.permutive.com/clm/v1/ 		49 B
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
bfdca37fe8dacc889872f1808296a5e3491ab77289d73c07a67361cb9f423ac4

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:24:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
application/json
/
r.skimresources.com/api/ 		167 B
387 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?persistence=1&xguid=01BT2SNRZKMTD96W8181AS0KKC&data={%22pubcode%22:%2292X363%22,%22domains%22:[%22itpro.com%22,%22malwarebytes.com%22,%22anrdoezrs.net%22,%22evyy.net%22,%22av-test.org%22,%22linksynergy.com%22],%22page%22:%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools%22}&checksum=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
eb9f3c8f61e873840a819fefcb721b6760e86604c1c536d9bafcc2525dad38ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
VghWffSP-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/VghWffSP-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.vtt
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.vtt
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cea86d756a89b9f2f042c1cb0b881e2793dd1121737dc211f752e56cb988c7cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
874
x-served-by
cache-iad-kjyo7100076-IAD, cache-yul12831-YUL
last-modified
Fri, 04 Feb 2022 16:00:38 GMT
server
nginx
x-timer
S1682900658.640663,VS0,VE438
etag
"a25551b23caa982a4cf6b552484a1662"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
30621, 0

Redirect headers

date
Mon, 01 May 2023 00:24:17 GMT
via
1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
BUZZjqFooTlqPLfwKHj_12urcJCmPtJqhZmTI0QsyKHdYjlIh-rsFQ==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.26.9/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/provider.cast.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
478d7db2012e97743162bb73dab95c045e3533bade97a2c0b0f435c2ebbeebe8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
via
1.1 varnish
age
2865056
x-cache
HIT
content-length
9824
x-served-by
cache-yyz4534-YYZ
last-modified
Mon, 27 Mar 2023 20:13:23 GMT
server
AmazonS3
x-timer
S1682900658.541671,VS0,VE0
etag
"7a76911bb33f1218b000c0677e96c5ce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
42368
related.js
ssl.p.jwpcdn.com/player/v/8.26.9/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/related.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd090578f949988d88531c0c98339766364ed6cdcfd7bca0d49905c44e56a260

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
via
1.1 varnish
age
2865150
x-cache
HIT
content-length
24956
x-served-by
cache-yyz4534-YYZ
last-modified
Mon, 27 Mar 2023 20:13:25 GMT
server
AmazonS3
x-timer
S1682900658.542365,VS0,VE0
etag
"49db87945be8198af9e0136a6ad75ba3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
163338
bridge3.569.0_en.html
imasdk.googleapis.com/js/core/ Frame 33B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
143268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231159
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 08:36:29 GMT
expires
Sun, 28 Apr 2024 08:36:29 GMT
last-modified
Thu, 20 Apr 2023 19:19:40 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 00:24:17 GMT
/
www.facebook.com/tr/ Frame 3EF8 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itpro.com
Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itpro.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:24:17 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
iu3
s.amazon-adsystem.com/ Frame 4128
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&dcc=t
376 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0a9d41d948e8dd4999cee081c0c5b564374172e49a5a73641385de4d107c69e2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
376
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 01 May 2023 00:24:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
69ZJ2Z1QFTCMCM3D6E0Q

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 01 May 2023 00:24:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
B7PAY8MXNK3GA0R22YV6
bridge3.569.0_en.html
imasdk.googleapis.com/js/core/ Frame 9E77 		707 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-sticky-desktop.147dc0f8715e81aca16a.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
143268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231159
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 08:36:29 GMT
expires
Sun, 28 Apr 2024 08:36:29 GMT
last-modified
Thu, 20 Apr 2023 19:19:40 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jwplayer
jwplayer.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jwplayer.technoratimedia.com/openrtb/bids/jwplayer?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.itpro.com
access-control-max-age
86400
date
Mon, 01 May 2023 00:24:17 GMT
server
nginx
cookie_sync
vpb-server.jwplayer.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpb-server.jwplayer.com/cookie_sync
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.9.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-9-61.compute-1.amazonaws.com
Software
/
Resource Hash
25fe0315a31216326b00ce02a6ec46f499874cb94fce4905dfd4a81b3cf475e2

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1986
expires
0
auction
vpb-server.jwplayer.com/openrtb2/ 		232 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpb-server.jwplayer.com/openrtb2/auction
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.9.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-9-61.compute-1.amazonaws.com
Software
/
Resource Hash
066b93522ca4dec678f3d0f9ab2cdc0ac0e5f12d87f6890f22fe565408a2954a

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
232
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.145.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-145-199.compute-1.amazonaws.com
Software
/
Resource Hash
8fad62c2703536d0f448f9d2f4ee777e96abce886a51dde5eb2e8f3ca0c71b75

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
x-prebid
pbs-java/1.117.0
content-type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
hbjson
grid.bidswitch.net/ 		23 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?no_mapping=1&sp=jwp
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
35c887ccee44fbd9166e9c7fd457a48fa55c6d9ba6e124ed1ce377d1ec275a57

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 01 May 2023 00:24:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
jwplayer
jwplayer.technoratimedia.com/openrtb/bids/ 		22 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jwplayer.technoratimedia.com/openrtb/bids/jwplayer?src=prebid_prebid_7.6.0
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
via
1.1 varnish
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
x-varnish
309146131
access-control-allow-credentials
true
content-length
48
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=755062&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%229997abf5af0bd8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools%3Fjwpseg%3D80000020%252C80000030%252C80000040%252C80000050%252C80000060%252C80000065%252C80000070%252C80000075%252C80000080%252C80011026%252C80011035%252C80011079%252C80011080%252C80011081%252C80011082%252C90000020%252C90000030%252C90000040%252C90000050%252C90000060%252C90000065%252C90000070%252CCMTPI-0059DF08%252CCMTPI-03654CCA%252CCMTPI-0677E447%252CCMTPI-0BF58D82%252CCMTPI-0CECEC20%252CCMTPI-0D820080%252CCMTPI-0E02F6C6%252CCMTPI-0EF8C0FC%252CCMTPI-115A18D9%252CCMTPI-129516EC%252CCMTPI-12D0185C%252CCMTPI-1403EFCF%252CCMTPI-16A13FA0%252CCMTPI-17E1858C%252CCMTPI-17FC149F%252CCMTPI-1801D437%252CCMTPI-18220805%252CCMTPI-1862FE8D%252CCMTPI-1A914BA9%252CCMTPI-1B48303C%252CCMTPI-1C1AF9F6%252CCMTPI-20972238%252CCMTPI-214AEA2B%252CCMTPI-215023C5%252CCMTPI-272784B3%252CCMTPI-28EF756E%252CCMTPI-298C1144%252CCMTPI-29EB2E80%252CCMTPI-2A67AF12%252CCMTPI-2AFB1697%252CCMTPI-2FD41300%252CCMTPI-31934974%252CCMTPI-31C465AB%252CCMTPI-32EEF776%252CCMTPI-33B15822%252CCMTPI-36BA92AC%252CCMTPI-3A3D73D1%252CCMTPI-3B1F64F2%252CCMTPI-3BF4C761%252CCMTPI-3C3D93D3%252CCMTPI-3C5D709B%252CCMTPI-3E34813A%252CCMTPI-3FE7BB03%252CCMTPI-40E2BC75%252CCMTPI-41AE15D8%252CCMTPI-423BC984%252CCMTPI-434208A3%252CCMTPI-43DB8114%252CCMTPI-456A40FB%252CCMTPI-468780F8%252CCMTPI-48AEA217%252CCMTPI-490406BA%252CCMTPI-49B3B8DB%252CCMTPI-4A797E04%252CCMTPI-4B5BC946%252CCMTPI-4C74FA64%252CCMTPI-4C78F6C7%252CCMTPI-4E807C99%252CCMTPI-4E9D34DD%252CCMTPI-4EDCA4BA%252CCMTPI-501E7815%252CCMTPI-50A1AE94%252CCMTPI-520BE62D%252CCMTPI-5272012D%252CCMTPI-52854BF9%252CCMTPI-54B3F68C%252CCMTPI-54E20E46%252CCMTPI-564BDB0E%252CCMTPI-57B67DE4%252CCMTPI-58ACA4A6%252CCMTPI-5ACCB87D%252CCMTPI-5B0F2BAA%252CCMTPI-5B9116B8%252CCMTPI-5C08D349%252CCMTPI-5C0D30E6%252CCMTPI-5D8B9118%252CCMTPI-5E59A0FD%252CCMTPI-5E67FFE1%252CCMTPI-61F57FCB%252CCMTPI-62382625%252CCMTPI-63D8A54B%252CCMTPI-647F1C78%252CCMTPI-674B4FDD%252CCMTPI-686F79B8%252CCMTPI-697B8462%252CCMTPI-6C948CDE%252CCMTPI-6CCEA632%252CCMTPI-6CFA8301%252CCMTPI-6F0857A8%252CCMTPI-718B3060%252CCMTPI-71FEED05%252CCMTPI-7232FEF3%252CCMTPI-7263294A%252CCMTPI-7346A449%252CCMTPI-740E0FB8%252CCMTPI-762DECC0%252CCMTPI-77B6A0A4%252CCMTPI-795ACE23%252CCMTPI-79A545BA%252CCMTPI-7BFDFB83%252CCMTPI-7D6DB333%252CCMTPI-7E91FBCE%252CCMTPI-83C73318%252CCMTPI-89F0B407%252CCMTPI-8B4FD699%252CCMTPI-8B550176%252CCMTPI-8E8A5556%252CCMTPI-8F0256F5%252CCMTPI-90FEB605%252CCMTPI-91B4B8A6%252CCMTPI-93D1808E%252CCMTPI-96FC6C06%252CCMTPI-974A6972%252CCMTPI-984BCCFF%252CCMTPI-992180C3%252CCMTPI-9934B409%252CCMTPI-99CEEDE8%252CCMTPI-99EED9E9%252CCMTPI-A2DC63AE%252CCMTPI-A2F0F533%252CCMTPI-A483A820%252CCMTPI-A51B55FC%252CCMTPI-A6886128%252CCMTPI-A701553E%252CCMTPI-A91ACFF2%252CCMTPI-AABB9CCA%252CCMTPI-ABB5E719%252CCMTPI-AC2C56B0%252CCMTPI-AD2B955A%252CCMTPI-B036B396%252CCMTPI-B589368E%252CCMTPI-B920F2B6%252CCMTPI-B9A1EE8A%252CCMTPI-B9DA6E48%252CCMTPI-B9E4BFCF%252CCMTPI-BDDD283A%252CCMTPI-C01F4CFD%252CCMTPI-C4784F98%252CCMTPI-C4EA78D9%252CCMTPI-C62EB36B%252CCMTPI-C7DF78E4%252CCMTPI-C8AB068D%252CCMTPI-CB93CF8E%252CCMTPI-CB9C09B9%252CCMTPI-CBF449AB%252CCMTPI-CC176359%252CCMTPI-CE58AFA9%252CCMTPI-CEFA13A3%252CCMTPI-CF57DBA3%252CCMTPI-CFB4B3E3%252CCMTPI-D196FF45%252CCMTPI-D1DFAFF8%252CCMTPI-D3D70833%252CCMTPI-D5172FF2%252CCMTPI-D57220A0%252CCMTPI-D69D3CA0%252CCMTPI-D727A638%252CCMTPI-D76CDC84%252CCMTPI-D85E312F%252CCMTPI-D9642A4D%252CCMTPI-DC46F2B4%252CCMTPI-DD635F5C%252CCMTPI-DF8C4D85%252CCMTPI-E1606495%252CCMTPI-E2876E9D%252CCMTPI-E4A035FB%252CCMTPI-E512F21E%252CCMTPI-E5980AAF%252CCMTPI-E62C5E5E%252CCMTPI-E884C5E3%252CCMTPI-E8DF00E6%252CCMTPI-E914FCF7%252CCMTPI-EA82FD75%252CCMTPI-EAC07C3B%252CCMTPI-EB768A63%252CCMTPI-EBBC6069%252CCMTPI-EBE41FDF%252CCMTPI-ED50DBDE%252CCMTPI-F03021C3%252CCMTPI-F0583F13%252CCMTPI-F2D29CC9%252CCMTPI-F35B60D9%252CCMTPI-F3B6F1FD%252CCMTPI-F591DCE4%252CCMTPI-F70B1614%252CCMTPI-F734BAED%252CCMTPI-F746E76E%252CCMTPI-F92CCD2F%252CCMTPI-F99B2D6D%252CCMTPI-F9D85EE2%252CCMTPI-FCE57443%252CJWIAB052%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.6.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221041c118a7eec08%22%2C%22ext%22%3A%7B%22siteID%22%3A%22755062%22%2C%22sid%22%3A%22JWPlayer%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C7%2C5%2C6%2C8%5D%2C%22linearity%22%3A1%2C%22placement%22%3A1%2C%22playbackmethod%22%3A%5B3%5D%2C%22startdelay%22%3A0%2C%22api%22%3A%5B2%5D%2C%22playerSize%22%3A%5B%5B602%2C339%5D%5D%2C%22w%22%3A602%2C%22h%22%3A339%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
851cbda87275cc4272b1b2d7f49e096e000e43c1a5be4fc5f0a06df445142309

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzXHXixJ8jaNHr5SlPJEECk6qqai1zr3KXCg2oc3oePvsmtT32hxKKZKPPqDofUTiYcKo0oSOBrTB%2BXt9vv9sNXqjChjh8NfVOINmK2Vkeeg3By%2FVzE3qSGl2UzRjBzo2SPLnKeB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c03e1767f3ba20a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUTF28CX
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
de54e276416ce8f87e85d777885d28318878c90642caf63ea245eb603e668ef9

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.itpro.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 01 May 2023 00:24:17 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.itpro.com
date
Mon, 01 May 2023 00:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 May 2023 00:24:17 GMT
cm
u.openx.net/w/1.0/ Frame 4A76
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%2...
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dop...
878 B
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
90289c6d94b3c76fd75b007bac8dd60c0ea32cc1fdc8515652237f37da52982b

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
549
content-type
text/html
date
Mon, 01 May 2023 00:24:17 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 01 May 2023 00:24:17 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
pr
s.amazon-adsystem.com/v3/ Frame BD9E 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
34aad84ec27795b86c399e369382de88cf072131b781a0eba4a73b5537c417aa
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3601
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 01 May 2023 00:24:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
T1HYK2J1YSY6NC0YB8NZ
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Mon, 01 May 2023 00:24:17 GMT
cast_sender.js
www.gstatic.com/eureka/clank/112/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/112/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 04:23:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 16:06:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 01 May 2023 04:23:49 GMT
ecm3
s.amazon-adsystem.com/ Frame BD9E
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MBNZJ6F9TCWBKST1C8ZW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
Date
Mon, 01 May 2023 00:24:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame BD9E
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3259022571455542000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3259022571455542000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VKWNY387KZXF24S4J764
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3259022571455542000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 01 May 2023 00:24:18 GMT
ecm3
s.amazon-adsystem.com/ Frame BD9E
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=cc48733c-86ac-429a-9aae-2d8d692b1383
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=cc48733c-86ac-429a-9aae-2d8d692b1383
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9SHR2YZ3NE9TJJWYXH8A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
nginx/1.12.2
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=cc48733c-86ac-429a-9aae-2d8d692b1383
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
setuid
vpb-server.jwplayer.com/ Frame 4A76 		0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&f=b&uid=5ce37491-0a1a-0ddc-2f26-c6ef107e2503
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.9.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-9-61.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0
sd
us-u.openx.net/w/1.0/ Frame 4A76
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZE8GsQAGq1TEpABS
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8GsQAGq1TEpABS&_test=ZE8GsQAGq1TEpABS
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8GsQAGq1TEpABS&_test=ZE8GsQAGq1TEpABS
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4536-YYZ
pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682900658.006883,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE8GsQAGq1TEpABS&_test=ZE8GsQAGq1TEpABS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
f1fa9d1a-2329-ac7c-757d-100f6e722ac7
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4A76 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/f1fa9d1a-2329-ac7c-757d-100f6e722ac7?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:b3d5:d2d1:9b49:f7b1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 4A76 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=3deb8723-af2f-85cf-84a4-846df9162c6e
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E6E4JYVSAQE17F2DSPAR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4A76
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=653dfb5e-b385-3e35-44aa-06fa9125e78e&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=653dfb5e-b385-3e35-44aa-06fa9125e78e&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ttd_puid=653dfb5e-b385-3e35-44aa-06fa9125e78e&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ttd_puid=653dfb5e-b385-3e35-44aa-06fa9125e78e&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ttd_puid=653dfb5e-b385-3e35-44aa-06fa9125e78e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 4A76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDk1MjI4OTQtN2FmMi02MDkxLTUxNGEtNWM0MzViYzcyOWVl
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDk1MjI4OTQtN2FmMi02MDkxLTUxNGEtNWM0MzViYzcyOWVl&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDk1MjI4OTQtN2FmMi02MDkxLTUxNGEtNWM0MzViYzcyOWVl&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDk1MjI4OTQtN2FmMi02MDkxLTUxNGEtNWM0MzViYzcyOWVl&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4A76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDpvtqfNoZ9D9XChKqPTSZY&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDpvtqfNoZ9D9XChKqPTSZY&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDpvtqfNoZ9D9XChKqPTSZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A08B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b0bdc4ea3797c3398da386f0c0c9a757b87db2d20e06077367251114d140fbee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1648
Content-Type
text/html
Date
Mon, 01 May 2023 00:24:18 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 01 May 2023 00:24:18 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cm
u.openx.net/w/1.0/ Frame 885E 		684 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3b8e61470f25ea2617091ddbbde445368bc37ecc80698921194dec72fab85a28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
429
content-type
text/html
date
Mon, 01 May 2023 00:24:17 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 240E
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4497645360037501104&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4497645360037501104&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:24:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KX4G18JN5K0SD9MXPNR9

Redirect headers

content-length
0
date
Mon, 01 May 2023 00:24:17 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4497645360037501104&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame D50C
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=58837906b6f72163&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&...
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMERwIIi-wjAMDjtofAAAAAAA&expiration=1682987058&is_secure=true&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMERwIIi-wjAMDjtofAAAAAAA&expiration=1682987058&is_secure=true&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:24:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9DYQZG7ART4PJ26ASP70

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 01 May 2023 00:24:18 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMERwIIi-wjAMDjtofAAAAAAA&expiration=1682987058&is_secure=true&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
/
match.sharethrough.com/jwumXNuB/v1/ Frame 9419 		427 B
944 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
b2f57c78ba7eececc4ac24f3dad2e03275a8730e6b029598bc8f6059e9beb55f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Mon, 01 May 2023 00:24:17 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2FD0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32895
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:24:17 GMT
expires
Mon, 01 May 2023 09:32:32 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 52F4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:24:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame BDF9
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
4224179aeb31a2473314c4a3741d0c8ef6ab1f112be04aa9b777ace80759f7b9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6c7cb7447-lmmsp
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-6c7cb7447-lmmsp
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 9B9E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1HSTRtbHVORTJ1TFAuVHJwVnFuYzk2eXRRLjFabFJ1Rn5B&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1HSTRtbHVORTJ1TFAuVHJwVnFuYzk2eXRRLjFabFJ1Rn5B&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:24:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
988CTP0E617FRCAN1DN2

Redirect headers

age
0
content-length
0
date
Mon, 01 May 2023 00:24:18 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1HSTRtbHVORTJ1TFAuVHJwVnFuYzk2eXRRLjFabFJ1Rn5B&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame 456E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fid%3D%2524UID%26ex%3Dappnexus.com%26gdpr%3D0
  • https://s.amazon-adsystem.com/ecm3?id=5364052513180930309&ex=appnexus.com&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5364052513180930309&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:24:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
V8FNXDFBPXRCBPP3NR11

Redirect headers

AN-X-Request-Uuid
d4598b62-8c43-492a-85ca-66ffc5020f8a
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 01 May 2023 00:24:17 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=5364052513180930309&ex=appnexus.com&gdpr=0
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame E513
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=694731493061520576076
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=694731493061520576076
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:24:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
VNE0MGWEEJG8XCY3K366

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 01 May 2023 00:24:18 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=694731493061520576076
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10055482/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
18.164.116.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-39.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:04:43 GMT
content-encoding
gzip
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 10:02:11 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
1176
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Hiluzjv2zAqfQKo8_8QindiePGtGlq607ZVu6rExPODU5-RL4uplFA==

Redirect headers

date
Mon, 01 May 2023 00:24:17 GMT
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
d7KKFbXbzGlic25ubrfXDK3uxgCadRTQ1PHesZEvgnl7pfJ1s7Cfew==
ecm3
s.amazon-adsystem.com/ Frame 885E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=3deb8723-af2f-85cf-84a4-846df9162c6e
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YQRRBJT330ED76B69VB3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 885E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=634388a2-e882-03b2-0e4b-9e2ca2a92682
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=634388a2-e882-03b2-0e4b-9e2ca2a92682
95 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=634388a2-e882-03b2-0e4b-9e2ca2a92682
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Mon, 01 May 2023 00:24:18 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=634388a2-e882-03b2-0e4b-9e2ca2a92682
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame 885E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=4bf978d7-6bef-047c-178d-c7f0068613e7
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=4bf978d7-6bef-047c-178d-c7f0068613e7&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=4bf978d7-6bef-047c-178d-c7f0068613e7&verify=true
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=4bf978d7-6bef-047c-178d-c7f0068613e7&verify=true
date
Mon, 01 May 2023 00:24:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 885E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=30fb8438-7ec2-0855-1bd3-8609a8be8656
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMzBmYjg0MzgtN2VjMi0wODU1LTFiZDMtODYwOWE4YmU4NjU2EAAaDQiyjbyiBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=219870993d0c86bdf253e0b4bad5a31bd0c887f32244ff8b8c48cac207a07d97791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyMTk4NzA5OTNkMGM4NmJkZjI1M2UwYjRiYWQ1YTMxYmQwYzg4N2YzMjI0NGZmOGI4YzQ4Y2FjMjA3YTA3ZDk3NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyMTk4NzA5OTNkMGM4NmJkZjI1M2UwYjRiYWQ1YTMxYmQwYzg4N2YzMjI0NGZmOGI4YzQ4Y2FjMjA3YTA3ZDk3NzkxNDI2YjU0MTdkY2UyMRAAGgwIso28ogYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=808166d7-4ad3-429a-83d2-3cc963d578a8
42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=808166d7-4ad3-429a-83d2-3cc963d578a8
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=808166d7-4ad3-429a-83d2-3cc963d578a8
date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 885E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=5364052513180930309
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5364052513180930309
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 01 May 2023 00:24:17 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
916903c1-7c46-4cb0-97ad-2f56e19a2b97
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5364052513180930309
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 885E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2885768169026791528&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2885768169026791528&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2885768169026791528&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 01 May 2023 00:24:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
events
api.permutive.com/v2.0/batch/ 		301 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
281ccbd785307b6a781c2a9859fb2262b6c7d637d556fb24d39b55db781cefef

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
ecm3
s.amazon-adsystem.com/ Frame 9419 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=dfe7fbb1-55ce-41d1-849c-c06fbefaa442
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KCMVZVTEN6T5618WJBBB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 9419
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=
68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 9419
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LH43LMKF-M-BG0S&gdpr=0
68 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LH43LMKF-M-BG0S&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LH43LMKF-M-BG0S&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
v1
match.sharethrough.com/sync/ Frame 9419
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=Cx70wqgOv71vzzsto1ul&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DC...
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=Cx70wqgOv71vzzsto1ul
68 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=Cx70wqgOv71vzzsto1ul
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Content-Type
text/html; charset=utf-8
Location
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=Cx70wqgOv71vzzsto1ul
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
147
Expires
Thu, 01 Dec 1994 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 9419
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=75e96c09-430e-4d69-9c12-98bfda1e9e84&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
68 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=75e96c09-430e-4d69-9c12-98bfda1e9e84&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Mon, 01 May 2023 00:24:01 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=75e96c09-430e-4d69-9c12-98bfda1e9e84&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
296
expires
-1
rtset
bh.contextweb.com/bh/ Frame BDF9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aU9tN1pqel8wMzFPS210Z3htcFZnUQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDBpXlXmoCFu8DqfD_ITQJo&google_cver=1
49 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDBpXlXmoCFu8DqfD_ITQJo&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-lmmsp
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDBpXlXmoCFu8DqfD_ITQJo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame BDF9
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=60be0a41c9e12191&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFprChiHtmegMGT_kNAAAAAAA&expiration=1682987058&nuid=&is_secure=true
49 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFprChiHtmegMGT_kNAAAAAAA&expiration=1682987058&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-lmmsp
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFprChiHtmegMGT_kNAAAAAAA&expiration=1682987058&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame BDF9 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=HSYqt5fCNHLv&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FNBNRPNCVV8VVGANMCM5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682900658051&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682900658051&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682900658051&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&c8=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&c9=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
18.164.116.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-39.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P6
x-amz-cf-id
1t_53PJVwWX_QUJ2aYFAnbodNzF_zqXdHI1WsLUcFEFhp7wQqJDFyQ==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682900658051&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&c8=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&c9=
content-length
0
x-amz-cf-id
KeixTD4i0K-17BOpv4VkCZsQeTHhOGYAV-ekPk3bvMNlmxeg3cMxeg==
crum
dsum-sec.casalemedia.com/ Frame A08B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE8GsntS6rVM0F29LL34HgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A08B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&expiration=1685492658&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&expiration=1685492658&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&expiration=1685492658&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame A08B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE8GsntS6rVM0F29LL34HgAABTsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBH2YRsdB61-QZwqPyShGkc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBH2YRsdB61-QZwqPyShGkc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBH2YRsdB61-QZwqPyShGkc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A08B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE8GsntS6rVM0F29LL34HgAABTsAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1S13NM63WM5FFY1VVXJW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A08B
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=32bb813a-08e8-461c-ac43-50601fc86e47&expiration=1714523058
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=32bb813a-08e8-461c-ac43-50601fc86e47&expiration=1714523058
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=32bb813a-08e8-461c-ac43-50601fc86e47&expiration=1714523058
Date
Mon, 01 May 2023 00:24:18 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame A08B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA8Kk7Ing0AACQhPkHy3w&expiration=1684110258
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA8Kk7Ing0AACQhPkHy3w&expiration=1684110258
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA8Kk7Ing0AACQhPkHy3w&expiration=1684110258
Date
Mon, 01 May 2023 00:24:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame A08B
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=2571cea0-8b34-c2ac-78472fc0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=2571cea0-8b34-c2ac-78472fc0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=2571cea0-8b34-c2ac-78472fc0
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
ecm3
s.amazon-adsystem.com/ Frame A08B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZE8GsntS6rVM0F29LL34HgAABTsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KTWQZ4EQ3SHR2XDPDHJQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 52F4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
738bbcb7d8a22cf89eaee4e1374d580261636592306b0d4dc6207579d7461191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 May 2023 00:18:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85987
Connection
keep-alive
Content-Length
10019
Expires
Tue, 02 May 2023 00:17:25 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 34B9
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.84.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-84-78.compute-1.amazonaws.com
Software
/
Resource Hash
f6ed21be96371419bc5e56e69f17da9f20ae40ccee6018e29f33eb4dd1c89a36

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:24:18 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 01 May 2023 00:24:18 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:24:18 GMT
location
/um/cs&eq_cc=1
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://x.videobyte.com/usync?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dvideobyte%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://vpb-server.jwplayer.com/setuid?bidder=videobyte&gdpr=0&gdpr_consent=&f=i&uid=d7e8299c-83aa-404a-8a25-2ff9cebaf077
86 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=videobyte&gdpr=0&gdpr_consent=&f=i&uid=d7e8299c-83aa-404a-8a25-2ff9cebaf077
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
52.7.9.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-9-61.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://vpb-server.jwplayer.com/setuid?bidder=videobyte&gdpr=0&gdpr_consent=&f=i&uid=d7e8299c-83aa-404a-8a25-2ff9cebaf077
date
Mon, 01 May 2023 00:24:18 GMT
content-length
172
vary
Origin
content-type
text/html; charset=utf-8
VghWffSP-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/VghWffSP-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.jpg
164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.jpg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f677d8783bc1f246f04d56df6da822ecc56db557544d3e8d7343e08c0b117c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
315
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
167403
x-served-by
cache-iad-kjyo7100164-IAD, cache-yyz4534-YYZ
last-modified
Fri, 04 Feb 2022 16:00:38 GMT
server
nginx
x-timer
S1682900658.233836,VS0,VE17
etag
"6bd9192c9fac5d2675697e5eb645bca8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2, 0

Redirect headers

date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
HVq98qVNpqZiSww4SYruNhKeoS_5eqOmK7Xa5-r2RWoWy_r3swR7xg==
crum
dsum-sec.casalemedia.com/ Frame 34B9 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=e9f18e9c-c7b9-49ba-bdb1-59a00c492227&expiration=1690849458
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0
khaos.jpg
token.rubiconproject.com/ Frame 52F4 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%7BPUB_...
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%...
  • https://vpb-server.jwplayer.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&f=i&uid=b793b3d9-5185-43ff-876b-209598df5c7e
86 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&f=i&uid=b793b3d9-5185-43ff-876b-209598df5c7e
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
52.7.9.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-9-61.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://vpb-server.jwplayer.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&f=i&uid=b793b3d9-5185-43ff-876b-209598df5c7e
access-control-allow-origin
*
date
Mon, 01 May 2023 00:24:18 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
w6vo1e7u-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/vFJq2NEG/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/w6vo1e7u-120.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/w6vo1e7u-120.jpg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
51a08d115648f141f45b015c0513e05d053b7d27b70c09c611dc3ef339e95bae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
883
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
6186
x-served-by
cache-iad-kjyo7100031-IAD, cache-yyz4534-YYZ
last-modified
Fri, 04 Feb 2022 15:59:31 GMT
server
nginx
x-timer
S1682900658.350128,VS0,VE1
etag
"70862dab51f955f968fc36bfbed66e37"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
7777, 1

Redirect headers

date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/w6vo1e7u-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
OrEjeaQv81jMXJwOWE0RlZPHp7McXQNXr86GFPQrf2esIfAs5uB1OQ==
ecm3
s.amazon-adsystem.com/ Frame 52F4
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LH43LMLB-28-57MV
  • https://s.amazon-adsystem.com/ecm3?id=LH43LMLB-28-57MV&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LH43LMLB-28-57MV&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PYHV7BTRCDYZPV31XC0D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LH43LMLB-28-57MV&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID&sovrn_retry=true
  • https://vpb-server.jwplayer.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&f=i&uid=GkeYTLZH5EevHt7VRiGLiTt6
86 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&f=i&uid=GkeYTLZH5EevHt7VRiGLiTt6
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
52.7.9.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-9-61.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

Date
Mon, 01 May 2023 00:24:18 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://vpb-server.jwplayer.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&f=i&uid=GkeYTLZH5EevHt7VRiGLiTt6
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:24:18 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tap.php
pixel.rubiconproject.com/ Frame 52F4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/hItjW11Ja6Jsv9wQ4nX2ssn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-44TTlddE2oI.vgyrMamIkvbGpdD.3si0VjbyTg--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-44TTlddE2oI.vgyrMamIkvbGpdD.3si0VjbyTg--~A
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 01 May 2023 00:24:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-44TTlddE2oI.vgyrMamIkvbGpdD.3si0VjbyTg--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 52F4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDM5OWNkZWZhNzI4MTNiMjczNjZhMmZiY2ZhNzk2ZDBmMTBmMDlhNQ&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDM5OWNkZWZhNzI4MTNiMjczNjZhMmZiY2ZhNzk2ZDBmMTBmMDlhNQ&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDM5OWNkZWZhNzI4MTNiMjczNjZhMmZiY2ZhNzk2ZDBmMTBmMDlhNQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 52F4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=equvcWTrQK665CiUmsMUQA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=equvcWTrQK665CiUmsMUQA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=equvcWTrQK665CiUmsMUQA&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BRJV8QXNRHSXDY152DY0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=equvcWTrQK665CiUmsMUQA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 52F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJXYH-UEF_6RC1uuH2mmJN8&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJXYH-UEF_6RC1uuH2mmJN8&google_cver=1
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJXYH-UEF_6RC1uuH2mmJN8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 52F4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 52F4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg0M0xNTEItMjgtNTdNVg==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEIZrywt1m4CA-uvZ5S29Qfs&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0M0xNTEItMjgtNTdNVg==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0M0xNTEItMjgtNTdNVg==&google_push=&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0M0xNTEItMjgtNTdNVg==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 52F4 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8DZGCA2KM757HKBCS64J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 52F4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH43LMLB-28-57MV&gdpr=0
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH43LMLB-28-57MV&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:17 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E70FB5B4175B46AE9374066DCE261184 Ref B: YMQ01EDGE0617 Ref C: 2023-05-01T00:24:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6ltfzzraI0rM5ak2v7Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH43LMLB-28-57MV&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
segment
api.permutive.com/clm/v1/ 		49 B
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
bfdca37fe8dacc889872f1808296a5e3491ab77289d73c07a67361cb9f423ac4

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
application/json
Artemis
aud.pubmatic.com/AdServer/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D85460%2C89871%2C94788
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=85460,89871,94788
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=85460,89871,94788
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
8.28.7.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=85460,89871,94788
date
Mon, 01 May 2023 00:24:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%5BRX_UUID%5D&cb=1682900658710
  • https://ad.turn.com/r/cs?pid=45&rndcb=279742741
  • https://sync.1rx.io/usersync/turn/2885768169026791528?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005?redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%...
  • https://vpb-server.jwplayer.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&f=i&uid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
86 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&f=i&uid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
52.7.9.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-9-61.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

Date
Mon, 01 May 2023 00:24:18 GMT
Server
Tengine
ETag
RX397964c6fc9f436aab31b3a253f525d2005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://vpb-server.jwplayer.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&f=i&uid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Content-Type
text/html
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame CA2F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:24:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4AEF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
73
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7c03e17eabdfa220-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:24:19 GMT
expires
Mon, 01 May 2023 04:24:19 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 7D11 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b6c14f344cefb2ce04797ff6fab068e04af8116dfda7c1fa69aebab24508fe2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11505
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:24:19 GMT
expires
Wed, 03 May 2023 00:24:19 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 82C0 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:2cf1:7be6:911:71d9:25f7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/1D3C) /
Resource Hash
0f4328dd583577482da89d8af94cd1146cec997553dd53bc2f9ee3d406cfa9ce

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
806
cache-control
max-age=900
content-encoding
gzip
content-length
6755
content-md5
HcWFhk+tXaF3NZt1fPMIOA==
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:24:19 GMT
etag
9f484a91-0039-4789-8873-641b0861cba7
expires
Mon, 01 May 2023 00:39:19 GMT
last-modified
Thu, 02 Feb 2023 14:10:57 GMT
opc-request-id
iad-1:sKwvAn91ZQmOL6EU0OKEjKMIX3r_HM_AL3omPFidgMa4gE1FP2hodXZFBQEgqgz0
server
ECAcc (nyb/1D3C)
storage-tier
Standard
vary
Accept-Encoding
version-id
68d8e56e-76a4-4241-8b88-07572b4580e7
x-api-id
native
x-cache
HIT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F533 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158831&gdpr=0&gdpr_consent=
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32894
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:24:18 GMT
expires
Mon, 01 May 2023 09:32:32 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4462594004579376896&ssp=themediagrid
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=4462594004579376896&ssp=themediagrid
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=4462594004579376896&ssp=themediagrid
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=50&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_...
  • https://vpb-server.jwplayer.com/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&f=i&uid=4497645360037501104
86 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&f=i&uid=4497645360037501104
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
52.7.9.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-9-61.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://vpb-server.jwplayer.com/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&f=i&uid=4497645360037501104
date
Mon, 01 May 2023 00:24:18 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame CA2F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
738bbcb7d8a22cf89eaee4e1374d580261636592306b0d4dc6207579d7461191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 May 2023 00:18:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85986
Connection
keep-alive
Content-Length
10019
Expires
Tue, 02 May 2023 00:17:25 GMT
services
sync.technoratimedia.com/ Frame 82C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&source=ipv6&uid=2607%3A5300%3A60%3A7867%3A%3A7&atip=0&tbk=0&nbk=0
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
288903243
access-control-allow-origin
https://ad-cdn.technoratimedia.com
access-control-allow-credentials
true
usync.html
eus.rubiconproject.com/ Frame F991
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:24:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 01 May 2023 00:24:19 GMT
location
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7F44 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32893
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:24:19 GMT
expires
Mon, 01 May 2023 09:32:32 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 1009 		1 KB
709 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
96b7f252046129093d30fb3c2a3ab919c7ddf3104101bb880fa0e3729fe7ef15

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
690
content-type
text/html
date
Mon, 01 May 2023 00:24:19 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
hde.tynt.com/deb/ Frame C2BA
Redirect Chain
  • https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
48130b5f7a50716493bc3fffdf9e26bf2dedfecf7f81af4edf7993b13dbfc057

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1604
content-type
text/html
date
Mon, 01 May 2023 00:24:18 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 01 May 2023 00:24:19 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
onetag-sys.com/usync/ Frame 9B48 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=572a470226457b8
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame CD54 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
b29e8a241dc0649fceba0471c96e9f51612f6278bb7e55be034addc3bd2b4513

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1210
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:24:19 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
services
uat-net.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
337713908
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
227
services
sync.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5364052513180930309
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5364052513180930309
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
284841131
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Mon, 01 May 2023 00:24:19 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
22f1bed2-f0c2-4707-8317-66e6275677ed
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5364052513180930309
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
333584787
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
date
Mon, 01 May 2023 00:24:18 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
359515
content-length
0
services
sync.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/syn
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBOEtrN0luZzBBQUNRaFBrSHkzdw&bee_sync_partners=pm%2Csas%2Cpp%2Csyn&bee_sync_current_partner=adx&bee_sync_initiator=syn...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Csyn&bee_sync_current_partner=adx&bee_sync_initiator=syn&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA8Kk7Ing0AACQhPkHy3w&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Csyn&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA8Kk7Ing0AACQhPkHy3w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%26bee_sync_curr...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4497645360037501104
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAA8Kk7Ing0AACQhPkHy3w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4497645360037501104%26bee_sync_partners%3Dsyn%26bee_syn...
  • https://match.prod.bidr.io/cookie-sync?userid=4497645360037501104&bee_sync_partners=syn&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAA8Kk7Ing0AACQhPkHy3w&pid=558502&...
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAA8Kk7Ing0AACQhPkHy3w
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAA8Kk7Ing0AACQhPkHy3w
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
283371167
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAA8Kk7Ing0AACQhPkHy3w
Date
Mon, 01 May 2023 00:24:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
services
sync.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6400589931
  • https://sync.1rx.io/usersync/tradedesk/eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
  • https://sync.targeting.unrulymedia.com/csync/RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-397964c6-fc9f-436a-...
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
324311965
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Mon, 01 May 2023 00:24:19 GMT
Server
Tengine
ETag
RX397964c6fc9f436aab31b3a253f525d2005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Content-Type
text/html
Connection
keep-alive
services
sync.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=b793b3d9-5185-43ff-876b-209598df5c7e
0
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=b793b3d9-5185-43ff-876b-209598df5c7e
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
337713906
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=b793b3d9-5185-43ff-876b-209598df5c7e
access-control-allow-origin
*
date
Mon, 01 May 2023 00:24:19 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
services
uat-net.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-4Xye4H9E2uFkZftg0_hJBHxF8RYa6Hpm~A
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-4Xye4H9E2uFkZftg0_hJBHxF8RYa6Hpm~A
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
333584781
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-4Xye4H9E2uFkZftg0_hJBHxF8RYa6Hpm~A
date
Mon, 01 May 2023 00:24:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
sync.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
  • https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZE8GsntS6rVM0F29LL34HgAA%261339
0
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZE8GsntS6rVM0F29LL34HgAA%261339
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
337713904
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZE8GsntS6rVM0F29LL34HgAA%261339
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
0
Expires
0
services
sync.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=5597529CCA40456999768DE69389154D&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%...
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=e982d87b-1ada-328b-8637-db6bc271a79d
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=e982d87b-1ada-328b-8637-db6bc271a79d
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
324311959
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Location
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=e982d87b-1ada-328b-8637-db6bc271a79d
Date
Mon, 01 May 2023 00:24:19 GMT
Connection
close
Content-Length
118
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
services
uat-net.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=synacor&user_id=5597529CCA40456999768DE69389154D
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=synacor&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=978477414459663588&expires=30&ssp=synacor
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
335779941
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Location
//uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
Date
Mon, 01 May 2023 00:24:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
services
uat-net.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=5597529CCA40456999768DE69389154D
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=49ddf1c3cc3521f7&is_secure=true&networkId=63258&version=1&nuid=5597529CCA40456999768DE69389154D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAMERwIIi-wwANGMwmSAAAAAAA&expiration=1682987059&nuid=5597529CCA40456999768DE69389154D&is_secure=true
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAMERwIIi-wwANGMwmSAAAAAAA&expiration=1682987059&nuid=5597529CCA40456999768DE69389154D&is_secure=true
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
314744096
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAMERwIIi-wwANGMwmSAAAAAAA&expiration=1682987059&nuid=5597529CCA40456999768DE69389154D&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
services
sync.technoratimedia.com/ Frame 82C0
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=5597529CCA40456999768DE69389154D&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3259022571455542000V10
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3259022571455542000V10
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
311963661
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:24:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3259022571455542000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 01 May 2023 00:24:19 GMT
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame 82C0 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=5597529CCA40456999768DE69389154D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21642
pubcid.php
hbx.media.net/ Frame 7D11 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Mon, 01 May 2023 00:24:19 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 01 May 2023 00:54:19 GMT
sync
gum.criteo.com/ Frame 7D11 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
660149
expires
60
cksync.html
contextual.media.net/ Frame FFD7
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Drkt%26refUrl%3D%26vid%3D290065910232590225714555420...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3259022571455542000V10&type=rkt&refUrl=&vid=29006591023259022571455542000V10&ovsid=979321832824455813
235 B
667 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3259022571455542000V10&type=rkt&refUrl=&vid=29006591023259022571455542000V10&ovsid=979321832824455813
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Mon, 01 May 2023 00:24:19 GMT
expires
Mon, 01 May 2023 00:24:19 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 01 May 2023 00:24:19 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3259022571455542000V10&type=rkt&refUrl=&vid=29006591023259022571455542000V10&ovsid=979321832824455813
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2ADB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Dpba%26refUrl%3D%26vid%3D29006591023259022571455542000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32893
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:24:19 GMT
expires
Mon, 01 May 2023 09:32:32 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 7D11
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=604e1745a3522163&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=con&refUrl=&vid=29006591023259022571455542000V10&ovsid=AAAMERwIIi-wxgMJv1t_AAAAAAA&expiration=1682987059&is_secure=true
61 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=con&refUrl=&vid=29006591023259022571455542000V10&ovsid=AAAMERwIIi-wxgMJv1t_AAAAAAA&expiration=1682987059&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:24:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 01 May 2023 00:24:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=con&refUrl=&vid=29006591023259022571455542000V10&ovsid=AAAMERwIIi-wxgMJv1t_AAAAAAA&expiration=1682987059&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame 7D11
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3259022571455542...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3259022571455542000V10&type=opx&refUrl=&vid=29006591023259022571455542000V10&ovsid=ad1192c1-1885-04d5-27e5-789423ca7552
235 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3259022571455542000V10&type=opx&refUrl=&vid=29006591023259022571455542000V10&ovsid=ad1192c1-1885-04d5-27e5-789423ca7552
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:24:19 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Mon, 01 May 2023 00:24:19 GMT

Redirect headers

date
Mon, 01 May 2023 00:24:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3259022571455542000V10&type=opx&refUrl=&vid=29006591023259022571455542000V10&ovsid=ad1192c1-1885-04d5-27e5-789423ca7552
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 7D11
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Dmma%26refUrl%3D%26vid%3D290065910232590225714555...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=mma&refUrl=&vid=29006591023259022571455542000V10&ovsid=f9cf644f-06b3-4900-b8a5-8b10c143e1a0
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=mma&refUrl=&vid=29006591023259022571455542000V10&ovsid=f9cf644f-06b3-4900-b8a5-8b10c143e1a0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:24:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 01 May 2023 00:24:19 GMT

Redirect headers

Date
Mon, 01 May 2023 00:24:19 GMT
Server
MT3 830 785530e master ord-pixel-x58 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=mma&refUrl=&vid=29006591023259022571455542000V10&ovsid=f9cf644f-06b3-4900-b8a5-8b10c143e1a0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 01 May 2023 00:24:18 GMT
cksync
cs.media.net/ Frame 7D11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI1OTAyMjU3MTQ1NTU0MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEJA_aSKws9ngJa2ZAhAP644&google_cver=1
61 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEJA_aSKws9ngJa2ZAhAP644&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:19 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Mon, 01 May 2023 00:24:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEJA_aSKws9ngJa2ZAhAP644&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 7D11
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Ddxu%26refUrl%3D%26vid%3D29006591023259022571455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3259022571455542000V10%26type%3Ddxu%26refUrl%3D%26vid%3D29006591023259022...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=dxu&refUrl=&vid=29006591023259022571455542000V10&ovsid=pUk6ZoCt1PThl15
61 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=dxu&refUrl=&vid=29006591023259022571455542000V10&ovsid=pUk6ZoCt1PThl15
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:24:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 01 May 2023 00:24:19 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:18 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0ecfbb00512917984@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3259022571455542000V10&type=dxu&refUrl=&vid=29006591023259022571455542000V10&ovsid=pUk6ZoCt1PThl15
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 7D11
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=026893ad-780c-4a5a-9234-f80bf56a9518
61 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=026893ad-780c-4a5a-9234-f80bf56a9518
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:24:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 01 May 2023 00:24:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=026893ad-780c-4a5a-9234-f80bf56a9518
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1902069
content-length
0
expires
Mon, 01 May 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 7D11
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&ssp=medianet&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594225548510857152&ssp=medianet&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=&gdpr_pd=
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:24:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 01 May 2023 00:24:19 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 01 May 2023 00:24:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 7D11
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3259022571455542000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3259022571455542000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5b84f903-6fa4-4601-9646-10138d604f28&cs=1
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=5b84f903-6fa4-4601-9646-10138d604f28&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:24:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Mon, 01 May 2023 00:24:19 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=5b84f903-6fa4-4601-9646-10138d604f28&cs=1
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
710489.gif
id.rlcdn.com/ Frame 7D11 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 7D11
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
61 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:19 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Mon, 01 May 2023 00:24:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
services
sync.technoratimedia.com/ Frame 1009 		0
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=5851b4e0-d4d2-0606-2e6a-189aa5c5d968
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
333584777
access-control-allow-origin
https://us-u.openx.net/
access-control-allow-credentials
true
sync
x.bidswitch.net/ Frame 1009
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=658b27da-845f-0444-062c-fafc1bb32661
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=658b27da-845f-0444-062c-fafc1bb32661&_li_chk=true&previous_uuid=afb9bc1970c640c68292b0cab6feeb7f
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=658b27da-845f-0444-062c-fafc1bb32661&previous_uuid=1b3c62d3dd6c476895a5789aae3c865f
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2885768169026791528
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=afb9bc19-70c6-40c6-8292-b0cab6feeb7f&liid=&_ct=im
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=80fe0a2b0ad1820743485bcf98cbcda9
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date
Mon, 01 May 2023 00:24:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
g.pixel
aa.agkn.com/adscores/ Frame 1009 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=79bf1b20-fc49-05a4-2ee8-8a7011e375a8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
8ELFkEkP9l8FvML6xDdkaWMV7zf7POrA_QJkHogY-CWDSLnEzYqEnQ==
expires
0
37274
stags.bluekai.com/site/ Frame 1009 		62 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=4229a3f8-86f2-03b4-3e5d-99de0a75873d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.156.219 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-156-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
50f
expires
Thu, 01 Dec 1994 16:00:00 GMT
709996.gif
id.rlcdn.com/ Frame 1009 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 1009
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=c9906ed4-ab1d-1b03-b383-4d09b4e8a74c
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=13pnge4990fep
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=13pnge4990fep
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=13pnge4990fep
cache-control
no-cache
cf-ray
7c03e180795e3401-YUL
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 1009
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=7ab3cfbb-e1ff-027b-323f-9dbb7517e9bf&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:2a81f4cc283a6d0282d32da081d33940
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:2a81f4cc283a6d0282d32da081d33940
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 01 May 2023 00:24:19 GMT
server
Aorta/20230424.0cea469ad
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:2a81f4cc283a6d0282d32da081d33940
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
f4138e446345
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 1009
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=umtxYhoDhxui3kpNQjzdNA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H2
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
kqi3vpvb0oseg55v6307pus8dql29alr

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1009
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=4321644f-06b3-4d00-9f02-623ffea91b7e
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=4321644f-06b3-4d00-9f02-623ffea91b7e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 01 May 2023 00:24:19 GMT
Server
MT3 830 785530e master ord-pixel-x48 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=4321644f-06b3-4d00-9f02-623ffea91b7e
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 01 May 2023 00:24:18 GMT
sd
us-u.openx.net/w/1.0/ Frame 1009
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=7346c5ca-1cb1-4263-a1e2-d35d1dcf074f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=7346c5ca-1cb1-4263-a1e2-d35d1dcf074f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=7346c5ca-1cb1-4263-a1e2-d35d1dcf074f
Date
Mon, 01 May 2023 00:24:19 GMT
Connection
keep-alive
X-CI-RTID
302ebdda-ce33-4297-b5d2-0a98a264b2f3
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 1009
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame CD54
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame CD54
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njk0NzMxNDkzMDYxNTIwNTc2MDc2
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CD54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMq79tCHMV3dOevSM7tpELw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMq79tCHMV3dOevSM7tpELw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMq79tCHMV3dOevSM7tpELw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CD54
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njk0NzMxNDkzMDYxNTIwNTc2MDc2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njk0NzMxNDkzMDYxNTIwNTc2MDc2
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Njk0NzMxNDkzMDYxNTIwNTc2MDc2
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame CD54 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=694731493061520576076&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:18 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9710D30F9CBF45DDB19D89B42466353D Ref B: YMQ01EDGE0617 Ref C: 2023-05-01T00:24:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6ltf8MCuglmsiJNXSjg==
xuid
eb2.3lift.com/ Frame CD54
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=694731493061520576076&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5b84f903-6fa4-4601-9646-10138d604f28&ssp=triplelift&gdpr=0
  • https://eb2.3lift.com/xuid?mid=2409&xuid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 01 May 2023 00:24:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame CD54 		42 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=694731493061520576076&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
last-modified
Mon, 24 Apr 2023 16:43:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D6432BE655874A75AC999C3A87BD9CF9 Ref B: YMQ01EDGE0622 Ref C: 2023-05-01T00:24:19Z
etag
"97b0d0f2cb76d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame CD54
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/694731493061520576076?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-WnqmlmxE2oRQpFppt0RxkjGwQene.2BBMM_IPDzK.w--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-WnqmlmxE2oRQpFppt0RxkjGwQene.2BBMM_IPDzK.w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 01 May 2023 00:24:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-WnqmlmxE2oRQpFppt0RxkjGwQene.2BBMM_IPDzK.w--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame CD54
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=Cx70wqgOv71vzzsto1ul&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IN4DOMDXOFTU6...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Cx70wqgOv71vzzsto1ul
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Cx70wqgOv71vzzsto1ul
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:19 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Cx70wqgOv71vzzsto1ul
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame CD54
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5364052513180930309&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5364052513180930309&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 01 May 2023 00:24:19 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2ec8fdbd-e24d-42f6-819d-ac7b31a1d449
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=5364052513180930309&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame CD54 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=88&uid=694731493061520576076
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
314744094
access-control-allow-origin
https://eb2.3lift.com/
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame F991 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
738bbcb7d8a22cf89eaee4e1374d580261636592306b0d4dc6207579d7461191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 May 2023 00:18:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85986
Connection
keep-alive
Content-Length
10019
Expires
Tue, 02 May 2023 00:17:25 GMT
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D
  • https://vpb-server.jwplayer.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&f=i&uid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&f=i&uid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
52.7.9.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-9-61.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://vpb-server.jwplayer.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&f=i&uid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
log
c21lg-d.media.net/ Frame 7D11 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=e84d3ece-bc5d-40fa-a3b1-d7fbfbcee7ed&cs=15&vsid=3259022571455542000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 01 May 2023 00:24:19 GMT
content-length
35
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 41E3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:24:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 01 May 2023 00:24:19 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
services
sync.technoratimedia.com/ Frame C2BA
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1682900659319.&ri=0014000001aXjnGAAS&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D...
  • https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212153908003024
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212153908003024
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
337713920
access-control-allow-origin
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212153908003024
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C2BA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5b84f903-6fa4-4601-9646-10138d604f28&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C2BA
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682900659319.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=4321644f-06b3-4d00-9f02-623ffea91b7e
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=4321644f-06b3-4d00-9f02-623ffea91b7e
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 01 May 2023 00:24:19 GMT
Server
MT3 830 785530e master ord-pixel-x13 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=4321644f-06b3-4d00-9f02-623ffea91b7e
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 01 May 2023 00:24:18 GMT
match
events-ssc.33across.com/ Frame C2BA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-iEc2Id9E2uE8RyNvqyPLhuUqCVF2upQ0~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iEc2Id9E2uE8RyNvqyPLhuUqCVF2upQ0%7EA&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iEc2Id9E2uE8RyNvqyPLhuUqCVF2upQ0%7EA&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-iEc2Id9E2uE8RyNvqyPLhuUqCVF2upQ0%7EA&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C2BA
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=706a27e341330fe8&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAFprChiHtmsgMDCf83AAAAAAA&expiration=1682987059&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFprChiHtmsgMDCf83AAAAAAA&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFprChiHtmsgMDCf83AAAAAAA&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:18 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFprChiHtmsgMDCf83AAAAAAA&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C2BA
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=694731493061520576076
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=694731493061520576076&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=694731493061520576076&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=694731493061520576076&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
services
uat-net.technoratimedia.com/ Frame F991
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi&gdpr_consent=undefined&gdpr=0&khaos=LH43LMLB-28-57MV
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LH43LMLB-28-57MV&gdpr=0&gdpr_consent=undefined
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LH43LMLB-28-57MV&gdpr=0&gdpr_consent=undefined
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:67b7:1059:7283:c690 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
324311971
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LH43LMLB-28-57MV&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
usync.js
eus.rubiconproject.com/ Frame 41E3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
738bbcb7d8a22cf89eaee4e1374d580261636592306b0d4dc6207579d7461191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 May 2023 00:18:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85986
Connection
keep-alive
Content-Length
10019
Expires
Tue, 02 May 2023 00:17:25 GMT
match
events-ssc.33across.com/ Frame 41E3
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=LH43LMLB-28-57MV
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LH43LMLB-28-57MV&gdpr=0&gdpr_consent=undefined
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH43LMLB-28-57MV&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH43LMLB-28-57MV&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:19 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:19 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH43LMLB-28-57MV&ts=1682900659&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
segment
api.permutive.com/clm/v1/ 		49 B
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
bfdca37fe8dacc889872f1808296a5e3491ab77289d73c07a67361cb9f423ac4

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:24:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&tmax=3000&gdpr=false&us_privacy=1---
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.26.28 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-26-28.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr
x-auction-status
29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=934082&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229ac6ad66e925ef%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu3%22%2C%22adunitcode%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu3%22%2C%22divId%22%3A%22bordeaux-standard-ad-3%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221051088363fe08d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22934082%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22934082%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22934082%22%7D%7D%2C%7B%22w%22%3A980%2C%22h%22%3A240%2C%22ext%22%3A%7B%22siteID%22%3A%22934082%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fleaderboard%22%2C%22gpid%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fleaderboard%22%2C%22tid%22%3A%22f987a15c-8e3e-487b-a4b5-e822700e0123%22%7D%7D%2C%7B%22id%22%3A%2214dd88b8174c404%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A251%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A601%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu1%22%2C%22gpid%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu1%22%2C%22tid%22%3A%2205807041-7505-4f03-95e6-7dbeb7255e19%22%7D%7D%2C%7B%22id%22%3A%22169489f26325a03%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A252%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A602%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu2%22%2C%22gpid%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu2%22%2C%22tid%22%3A%22cf979852-d3ef-482c-a81b-b86567db1fbb%22%7D%7D%2C%7B%22id%22%3A%221873507e27a1c81%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A253%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A603%2C%22ext%22%3A%7B%22siteID%22%3A%22934084%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu3%22%2C%22gpid%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu3%22%2C%22tid%22%3A%2292b8635f-7813-4229-a55c-4294f3701d4f%22%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66091c1deeccf7f2db2111482913c4034b8d961aa16107928a3d7e534ef6f7b8

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiR%2ByfUDN1eoVrRC%2FSa5tSbQnk5%2FqWFjx%2BotNEG%2F4HJW%2FO6M%2FRX8K9Nff9ZAxVJOfmokXZGNTgtAVOnFhV7fdEMM2hOqTjlvpBoPBHTxFTZJbnm2Ao0TncrK%2F2G%2BzE7JE5fqXRF8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c03e1918877a20a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		694 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e8d21a156633e25656595a2817a51b442d3aa17e8ba009ac607df0b5aec81d19
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 01 May 2023 00:24:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
83decc9d-57b8-4cef-8f9c-0832108e94d9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.itpro.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
hb.undertone.com/ 		0
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2731&domain=itpro.com&gdpr=0&gdprstr=&ccpa=1---
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-83.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.itpro.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
x-amz-cf-id
OIDauGJ2I3idyAtg_Y9tgrqIVN0dSfDB2W0z4H_nADqaAEIQqoypuQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2c90a3a8ab190c1a51389eb86937c40498f3c12ef6b7094044b5de84d2c76830

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 01 May 2023 00:24:22 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
fastlane.json
fastlane.rubiconproject.com/a/api/ 		339 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=2&alt_size_ids=55%2C57%2C78&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fleaderboard&tk_flint=pbjs_lite_v7.18.0&x_source.tid=f987a15c-8e3e-487b-a4b5-e822700e0123&l_pb_bid_id=42a301402e43d15&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fleaderboard&slots=1&rand=0.3151373014147356
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2490f96550c98c46aae6e31b8d1b8c6e927feb4bbd8e0e6f70a8ffa3871412a5

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		330 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu1&tk_flint=pbjs_lite_v7.18.0&x_source.tid=05807041-7505-4f03-95e6-7dbeb7255e19&l_pb_bid_id=430cf9ce255e2e5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu1&slots=1&rand=0.8022275225021338
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0cd10c0b413cb48f10aa3ca4ada042132a8bd7966299a44f5d17edfb6a55d886

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
330
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		330 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu2&tk_flint=pbjs_lite_v7.18.0&x_source.tid=cf979852-d3ef-482c-a81b-b86567db1fbb&l_pb_bid_id=44fdb222a495f6a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu2&slots=1&rand=0.6966628058183801
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cb426d3cb4dc8a075beeab04a88e787aa9d5defa292d52df4f814a3441f44813

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
330
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		330 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu3&tk_flint=pbjs_lite_v7.18.0&x_source.tid=92b8635f-7813-4229-a55c-4294f3701d4f&l_pb_bid_id=4587e97aed45dde&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu3&slots=1&rand=0.04250412709192686
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7e7700d723eb2a42daa71ecd0cbcef8d16d0d781e4264fd5c7fed750974c7bea

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
330
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		311 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=221&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fskin&tk_flint=pbjs_lite_v7.18.0&x_source.tid=d02872b2-154f-4bbb-9b69-8697c044066b&l_pb_bid_id=4616208ed8f7d73&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fskin&slots=1&rand=0.825436523166674
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8660d516b35299322e019a52264dd8fea9931f1123a9c09699c867009cae5ec9

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
311
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		314 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=221&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Foverlay&tk_flint=pbjs_lite_v7.18.0&x_source.tid=8fcfd70d-13eb-4bbf-99f4-3a9512b6952b&l_pb_bid_id=473f1f5d5dadc31&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Foverlay&slots=1&rand=0.008987767569432537
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c001::200:144 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
39db0fea1e2a3b63496f1f6f1226ce7780ec92d86475eea39ddb38b8efc35679

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
314
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.itpro.com
date
Mon, 01 May 2023 00:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
aax.amazon-adsystem.com/e/dtb/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3032&u=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&pid=Gcdc68XjobmOV&cb=1&ws=1600x1200&v=23.426.459&t=2000&slots=%5B%7B%22sd%22%3A%22bordeaux-standard-ad-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fleaderboard%22%7D%2C%7B%22sd%22%3A%22bordeaux-standard-ad-1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22bordeaux-standard-ad-2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu2%22%7D%2C%7B%22sd%22%3A%22bordeaux-standard-ad-3%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F10518929%2Fitpro.co.uk%2Fbuying-guide%2Farticle%2Fmpu3%22%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.94.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-94-225.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1e8656db974a5176dba5460b4a0abdd4213a1ff3c0699a5d9c4187fb9c216a17
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
5Z3SKM3R9B8258Z4JV9Q
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1640
x-amz-cf-id
FupkTQkVmj3gjaWOzTgqoXkgUP3Vt8z4LpyuKVXUS-evyg-74HXoEQ==
pub
pixel.adsafeprotected.com/services/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=923193&slot=%7Bid:bordeaux-standard-ad-0,ss:%5B970.250,970.90,728.90,980.240%5D,p:/10518929/itpro.co.uk/buying-guide/article/leaderboard,t:display%7D&slot=%7Bid:bordeaux-standard-ad-1,ss:%5B300.600,300.250,300.251,300.601%5D,p:/10518929/itpro.co.uk/buying-guide/article/mpu1,t:display%7D&slot=%7Bid:bordeaux-standard-ad-2,ss:%5B300.600,300.250,300.252,300.602%5D,p:/10518929/itpro.co.uk/buying-guide/article/mpu2,t:display%7D&slot=%7Bid:bordeaux-standard-ad-3,ss:%5B300.600,300.250,300.253,300.603%5D,p:/10518929/itpro.co.uk/buying-guide/article/mpu3,t:display%7D&slot=%7Bid:bordeaux-standard-ad-4,ss:%5B1.1%5D,p:/10518929/itpro.co.uk/buying-guide/article/skin,t:display%7D&slot=%7Bid:bordeaux-standard-ad-5,ss:%5B1.1%5D,p:/10518929/itpro.co.uk/buying-guide/article/overlay,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=84313ae5-47ff-593e-7e6b-5687091541d0&url=https%253A%252F%252Fwww.itpro.com%252Fsecurity%252Fmalware%252F28083%252Fbest-free-malware-removal-tools
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.196.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-196-190.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6336fa3a0c832786cd21ffbc62e9ce2124cb81a94aaef7ee0cd26e7457c7c483

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
server
nginx
x-server-name
app13.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-886250048&e=e&n=6342135300982943&abc=0&abt=128_sendDomainToFeedsOn&aid=wRvAOEYoEeyfkEbo2AynAw&amp=0&ask=dqH3tS48&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=yu4ufe17rzmp&i=0&id=VghWffSP&lid=hryn8j16dqt0&lsa=read&mt=1&pbd=1&pbr=1&pgi=78elduk3brvu&ph=1&pid=aWeJUC35&pii=0&pl=339&plc=5&pli=2b62tn17duzd&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&pu=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&pv=8.26.9&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=It%20Pro%20Asks%20%7C%20Is%20A%20Four-day%20Working%20Week%20Right%20For%20Your%20Business%3F&tv=3.42.2&vb=0&vi=0&vl=90&wd=602&ab=1&bpv=7.1.1&cae=0&cb=1&cdid=botr_YYRngYhb_aWeJUC35_div&cme=0&dd=1&fed=YYRngYhb&flc=0&fv=&ga=0&ipv=0.7.1&lng=en&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FVghWffSP.m3u8&pbc=0&pd=2&pdr=&plng=en&plt=2200&pni=0&po=0&pogt=6%20of%20the%20best%20free%20malware%20removal%20tools%20in%202023&sp=0&st=750&sa=1682900657535
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yyz4534-YYZ
date
Mon, 01 May 2023 00:24:22 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=-1502926047&e=abq&n=3350887841526944&abc=0&abt=128_sendDomainToFeedsOn&aid=wRvAOEYoEeyfkEbo2AynAw&amp=0&ask=dqH3tS48&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=yu4ufe17rzmp&i=0&id=VghWffSP&lid=hryn8j16dqt0&lsa=read&mt=1&pbd=1&pbr=1&pgi=78elduk3brvu&ph=1&pid=aWeJUC35&pii=0&pl=339&plc=5&pli=2b62tn17duzd&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&pu=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&pv=8.26.9&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=It%20Pro%20Asks%20%7C%20Is%20A%20Four-day%20Working%20Week%20Right%20For%20Your%20Business%3F&tv=3.42.2&vb=0&vi=0&vl=90&wd=602&ab=1&abid=qbma216qfokb&apid=qbma216qfokb&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&flpy=USD&vpb=%7B%22mediagrid.id%22%3A%22160420%22%2C%22mediagrid.type%22%3A%22OpenRTB%22%2C%22mediagrid.pubid%22%3A%22KhoniDGo%22%2C%22indexexchange.id%22%3A%22755062%22%2C%22indexexchange.type%22%3A%22OpenRTB%22%2C%22pubmatic.id%22%3A%224155980%22%2C%22pubmatic.type%22%3A%22OpenRTB%22%2C%22pubmatic.pubid%22%3A%22158831%22%2C%22rubicon.pubid%22%3A9788%2C%22rubicon.siteId%22%3A435088%2C%22openx.id%22%3A%22557568645%22%2C%22synacormedia.id%22%3A%22100548%22%2C%22synacormedia.type%22%3A%22OpenRTB%22%2C%22synacormedia.pubid%22%3A%22jwplayer%22%2C%22medianet.id%22%3A%22833314684%22%2C%22medianet.pubid%22%3A%228CUTF28CX%22%7D&vto=3000&bpv=7.1.1&ipv=0.7.1&rtp=%7B%7D&tpi=80000020%2C80000030%2C80000040%2C80000050%2C80000060%2C80000065%2C80000070%2C80000075%2C80000080%2C80011026%2C80011035%2C80011079%2C80011080%2C80011081%2C80011082%2C90000020%2C90000030%2C90000040%2C90000050%2C90000060%2C90000065%2C90000070%2CCMTPI-0059DF08%2CCMTPI-03654CCA%2CCMTPI-0677E447%2CCMTPI-0BF58D82%2CCMTPI-0CECEC20%2CCMTPI-0D820080%2CCMTPI-0E02F6C6%2CCMTPI-0EF8C0FC%2CCMTPI-115A18D9%2CCMTPI-129516EC%2CCMTPI-12D0185C%2CCMTPI-1403EFCF%2CCMTPI-16A13FA0%2CCMTPI-17E1858C%2CCMTPI-17FC149F%2CCMTPI-1801D437%2CCMTPI-18220805%2CCMTPI-1862FE8D%2CCMTPI-1A914BA9%2CCMTPI-1B48303C%2CCMTPI-1C1AF9F6%2CCMTPI-20972238%2CCMTPI-214AEA2B%2CCMTPI-215023C5%2CCMTPI-272784B3%2CCMTPI-28EF756E%2CCMTPI-298C1144%2CCMTPI-29EB2E80%2CCMTPI-2A67AF12%2CCMTPI-2AFB1697%2CCMTPI-2FD41300%2CCMTPI-31934974%2CCMTPI-31C465AB%2CCMTPI-32EEF776%2CCMTPI-33B15822%2CCMTPI-36BA92AC%2CCMTPI-3A3D73D1%2CCMTPI-3B1F64F2%2CCMTPI-3BF4C761%2CCMTPI-3C3D93D3%2CCMTPI-3C5D709B%2CCMTPI-3E34813A%2CCMTPI-3FE7BB03%2CCMTPI-40E2BC75%2CCMTPI-41AE15D8%2CCMTPI-423BC984%2CCMTPI-434208A3%2CCMTPI-43DB8114%2CCMTPI-456A40FB%2CCMTPI-468780F8%2CCMTPI-48AEA217%2CCMTPI-490406BA%2CCMTPI-49B3B8DB%2CCMTPI-4A797E04%2CCMTPI-4B5BC946%2CCMTPI-4C74FA64%2CCMTPI-4C78F6C7%2CCMTPI-4E807C99%2CCMTPI-4E9D34DD%2CCMTPI-4EDCA4BA%2CCMTPI-501E7815%2CCMTPI-50A1AE94%2CCMTPI-520BE62D%2CCMTPI-5272012D%2CCMTPI-52854BF9%2CCMTPI-54B3F68C%2CCMTPI-54E20E46%2CCMTPI-564BDB0E%2CCMTPI-57B67DE4%2CCMTPI-58ACA4A6%2CCMTPI-5ACCB87D%2CCMTPI-5B0F2BAA%2CCMTPI-5B9116B8%2CCMTPI-5C08D349%2CCMTPI-5C0D30E6%2CCMTPI-5D8B9118%2CCMTPI-5E59A0FD%2CCMTPI-5E67FFE1%2CCMTPI-61F57FCB%2CCMTPI-62382625%2CCMTPI-63D8A54B%2CCMTPI-647F1C78%2CCMTPI-674B4FDD%2CCMTPI-686F79B8%2CCMTPI-697B8462%2CCMTPI-6C948CDE%2CCMTPI-6CCEA632%2CCMTPI-6CFA8301%2CCMTPI-6F0857A8%2CCMTPI-718B3060%2CCMTPI-71FEED05%2CCMTPI-7232FEF3%2CCMTPI-7263294A%2CCMTPI-7346A449%2CCMTPI-740E0FB8%2CCMTPI-762DECC0%2CCMTPI-77B6A0A4%2CCMTPI-795ACE23%2CCMTPI-79A545BA%2CCMTPI-7BFDFB83%2CCMTPI-7D6DB333%2CCMTPI-7E91FBCE%2CCMTPI-83C73318%2CCMTPI-89F0B407%2CCMTPI-8B4FD699%2CCMTPI-8B550176%2CCMTPI-8E8A5556%2CCMTPI-8F0256F5%2CCMTPI-90FEB605%2CCMTPI-91B4B8A6%2CCMTPI-93D1808E%2CCMTPI-96FC6C06%2CCMTPI-974A6972%2CCMTPI-984BCCFF%2CCMTPI-992180C3%2CCMTPI-9934B409%2CCMTPI-99CEEDE8%2CCMTPI-99EED9E9%2CCMTPI-A2DC63AE%2CCMTPI-A2F0F533%2CCMTPI-A483A820%2CCMTPI-A51B55FC%2CCMTPI-A6886128%2CCMTPI-A701553E%2CCMTPI-A91ACFF2%2CCMTPI-AABB9CCA%2CCMTPI-ABB5E719%2CCMTPI-AC2C56B0%2CCMTPI-AD2B955A%2CCMTPI-B036B396%2CCMTPI-B589368E%2CCMTPI-B920F2B6%2CCMTPI-B9A1EE8A%2CCMTPI-B9DA6E48%2CCMTPI-B9E4BFCF%2CCMTPI-BDDD283A%2CCMTPI-C01F4CFD%2CCMTPI-C4784F98%2CCMTPI-C4EA78D9%2CCMTPI-C62EB36B%2CCMTPI-C7DF78E4%2CCMTPI-C8AB068D%2CCMTPI-CB93CF8E%2CCMTPI-CB9C09B9%2CCMTPI-CBF449AB%2CCMTPI-CC176359%2CCMTPI-CE58AFA9%2CCMTPI-CEFA13A3%2CCMTPI-CF57DBA3%2CCMTPI-CFB4B3E3%2CCMTPI-D196FF45%2CCMTPI-D1DFAFF8%2CCMTPI-D3D70833%2CCMTPI-D5172FF2%2CCMTPI-D57220A0%2CCMTPI-D69D3CA0%2CCMTPI-D727A638%2CCMTPI-D76CDC84%2CCMTPI-D85E312F%2CCMTPI-D9642A4D%2CCMTPI-DC46F2B4%2CCMTPI-DD635F5C%2CCMTPI-DF8C4D85%2CCMTPI-E1606495%2CCMTPI-E2876E9D%2CCMTPI-E4A035FB%2CCMTPI-E512F21E%2CCMTPI-E5980AAF%2CCMTPI-E62C5E5E%2CCMTPI-E884C5E3%2CCMTPI-E8DF00E6%2CCMTPI-E914FCF7%2CCMTPI-EA82FD75%2CCMTPI-EAC07C3B%2CCMTPI-EB768A63%2CCMTPI-EBBC6069%2CCMTPI-EBE41FDF%2CCMTPI-ED50DBDE%2CCMTPI-F03021C3%2CCMTPI-F0583F13%2CCMTPI-F2D29CC9%2CCMTPI-F35B60D9%2CCMTPI-F3B6F1FD%2CCMTPI-F591DCE4%2CCMTPI-F70B1614%2CCMTPI-F734BAED%2CCMTPI-F746E76E%2CCMTPI-F92CCD2F%2CCMTPI-F99B2D6D%2CCMTPI-F9D85EE2%2CCMTPI-FCE57443%2CJWIAB052&sa=1682900657559
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yyz4534-YYZ
date
Mon, 01 May 2023 00:24:22 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=1663450202&e=abr&n=6854544843171080&abc=0&abt=128_sendDomainToFeedsOn&aid=wRvAOEYoEeyfkEbo2AynAw&amp=0&ask=dqH3tS48&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=yu4ufe17rzmp&i=0&id=VghWffSP&lid=hryn8j16dqt0&lsa=read&mt=1&pbd=1&pbr=1&pgi=78elduk3brvu&ph=1&pid=aWeJUC35&pii=0&pl=339&plc=5&pli=2b62tn17duzd&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&pu=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&pv=8.26.9&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=It%20Pro%20Asks%20%7C%20Is%20A%20Four-day%20Working%20Week%20Right%20For%20Your%20Business%3F&tv=3.42.2&vb=0&vi=0&vl=90&wd=602&ab=1&abid=qbma216qfokb&apid=qbma216qfokb&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&flpy=USD&vpb=%7B%22mediagrid.id%22%3A%22160420%22%2C%22mediagrid.type%22%3A%22OpenRTB%22%2C%22mediagrid.pubid%22%3A%22KhoniDGo%22%2C%22mediagrid.result%22%3A0%2C%22mediagrid.code%22%3A0%2C%22mediagrid.timeForBidResponse%22%3A295%2C%22indexexchange.id%22%3A%22755062%22%2C%22indexexchange.type%22%3A%22OpenRTB%22%2C%22indexexchange.result%22%3A0%2C%22indexexchange.code%22%3A0%2C%22indexexchange.timeForBidResponse%22%3A238%2C%22pubmatic.id%22%3A%224155980%22%2C%22pubmatic.type%22%3A%22OpenRTB%22%2C%22pubmatic.pubid%22%3A%22158831%22%2C%22pubmatic.result%22%3A0%2C%22pubmatic.code%22%3A0%2C%22pubmatic.timeForBidResponse%22%3A223%2C%22jwdemand.errorCode%22%3A3%2C%22jwdemand.result%22%3A3%2C%22jwdemand.code%22%3A3%2C%22jwdemand.timeForBidResponse%22%3A0%2C%22rubicon.pubid%22%3A9788%2C%22rubicon.siteId%22%3A435088%2C%22rubicon.result%22%3A0%2C%22rubicon.code%22%3A0%2C%22rubicon.timeForBidResponse%22%3A312%2C%22openx.id%22%3A%22557568645%22%2C%22openx.result%22%3A0%2C%22openx.code%22%3A0%2C%22openx.timeForBidResponse%22%3A242%2C%22synacormedia.id%22%3A%22100548%22%2C%22synacormedia.type%22%3A%22OpenRTB%22%2C%22synacormedia.pubid%22%3A%22jwplayer%22%2C%22synacormedia.result%22%3A0%2C%22synacormedia.code%22%3A0%2C%22synacormedia.timeForBidResponse%22%3A221%2C%22medianet.id%22%3A%22833314684%22%2C%22medianet.pubid%22%3A%228CUTF28CX%22%2C%22medianet.result%22%3A0%2C%22medianet.code%22%3A0%2C%22medianet.timeForBidResponse%22%3A212%7D&vto=3000&sa=1682900657919
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yyz4534-YYZ
date
Mon, 01 May 2023 00:24:22 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
partner
pixel.servebom.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8079%26svc%3Dus%26id%3D23%2C26%2C29%26uid%3D$UID
  • https://pixel.servebom.com/partner?cb=8079&svc=us&id=23,26,29&uid=5364052513180930309
70 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?cb=8079&svc=us&id=23,26,29&uid=5364052513180930309
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl
content-type
image/png

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
13a8d131-1044-406f-8d72-367f6ae88f0a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.servebom.com/partner?cb=8079&svc=us&id=23,26,29&uid=5364052513180930309
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
pixel.servebom.com/
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=de2d90e5-4d26-4c8c-a342-3edcde51fdb1&ph=25af9286-f23b-4b02-abcd-f2ee3b564dab&r=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6959%26svc%3...
  • https://pixel.servebom.com/partner?cb=6959&svc=us&id=22&uid=0bdeddd8-ee2a-03eb-2a35-b3da2d9dd968
70 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?cb=6959&svc=us&id=22&uid=0bdeddd8-ee2a-03eb-2a35-b3da2d9dd968
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl
content-type
image/png

Redirect headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://pixel.servebom.com/partner?cb=6959&svc=us&id=22&uid=0bdeddd8-ee2a-03eb-2a35-b3da2d9dd968
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
uc.js
sync.go.sonobi.com/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
87204cd5b04dc1df83e6221733cd2d2498bff10ff6c093581e169b4c5ab0606b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
987
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
partner
pixel.servebom.com/
Redirect Chain
  • https://purch-sync.go.sonobi.com/us?https://pixel.servebom.com/partner?cb=6994&svc=us&id=9&uid=[UID]
  • https://pixel.servebom.com/partner?cb=6994&svc=us&id=9&uid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
70 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?cb=6994&svc=us&id=9&uid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://pixel.servebom.com/partner?cb=6994&svc=us&id=9&uid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
partner
pixel.servebom.com/
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D9841%26svc%3Dus%26id%3D24%26uid%3D$UID
  • https://pixel.servebom.com/partner?cb=9841&svc=us&id=24&uid=GkeYTLZH5EevHt7VRiGLiTt6
70 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?cb=9841&svc=us&id=24&uid=GkeYTLZH5EevHt7VRiGLiTt6
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl
content-type
image/png

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://pixel.servebom.com/partner?cb=9841&svc=us&id=24&uid=GkeYTLZH5EevHt7VRiGLiTt6
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
partner
pixel.servebom.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D5619%26svc%3Dus%26id%3D14%26uid%3D%24UID
  • https://pixel.servebom.com/partner?cb=5619&svc=us&id=14&uid=694731493061520576076
70 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?cb=5619&svc=us&id=14&uid=694731493061520576076
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl
content-type
image/png

Redirect headers

location
https://pixel.servebom.com/partner?cb=5619&svc=us&id=14&uid=694731493061520576076
date
Mon, 01 May 2023 00:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
partner
pixel.servebom.com/
Redirect Chain
  • https://purch-match.dotomi.com/match/bounce/current?networkId=20077&version=1&rurl=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7124%26svc%3Dus%26id%3D36%26uid%3D$UID&gdpr=0&gdpr_consent=&_ori...
  • https://purch-match.dotomi.com/match/bounce/current?DotomiTest=5660380b36880fe8&is_secure=true&networkId=20077&version=1&rurl=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7124%26svc%3Dus%26id%...
  • https://pixel.servebom.com/partner?cb=7124&svc=us&id=36&uid=AAAFprChiHtnIgNkjoiMAAAAAAA&expiration=1682987062&_origin=1&is_secure=true&gdpr_consent=&gdpr=0&redir=true
70 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?cb=7124&svc=us&id=36&uid=AAAFprChiHtnIgNkjoiMAAAAAAA&expiration=1682987062&_origin=1&is_secure=true&gdpr_consent=&gdpr=0&redir=true
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.servebom.com/partner?cb=7124&svc=us&id=36&uid=AAAFprChiHtnIgNkjoiMAAAAAAA&expiration=1682987062&_origin=1&is_secure=true&gdpr_consent=&gdpr=0&redir=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
partner
pixel.servebom.com/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj3GAAS&ru=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D2757%26svc%3Dus%26id%3D59%26uid%3D33XUSERID33X
  • https://pixel.servebom.com/partner?cb=2757&svc=us&id=59&uid=212153908003024
70 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?cb=2757&svc=us&id=59&uid=212153908003024
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://pixel.servebom.com/partner?cb=2757&svc=us&id=59&uid=212153908003024
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E032 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?r=10461&p=46338&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D4968%26svc%3Dus%26id%3D5%26uid%3D
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32890
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:24:22 GMT
expires
Mon, 01 May 2023 09:32:32 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
userSync.js
ads.pubmatic.com/AdServer/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:39 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=138676
accept-ranges
bytes
content-length
2358
expires
Tue, 02 May 2023 14:55:38 GMT
partner
pixel.servebom.com/ Frame EEE2
Redirect Chain
  • https://qds0l.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8257%26svc%3Dus%26id%3D32%26uid%3D%5Btvid%5D
  • https://qds0l.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8257%26svc%3Dus%26id%3D32%26uid%3D%5Btvid%5D
  • https://pixel.servebom.com/partner?cb=8257&svc=us&id=32&uid=38a8cb24600543599a81473ddc58df9a
70 B
192 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.servebom.com/partner?cb=8257&svc=us&id=32&uid=38a8cb24600543599a81473ddc58df9a
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-encoding
UTF-8
content-type
image/png
date
Mon, 01 May 2023 00:24:22 GMT
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl

Redirect headers

content-length
0
date
Mon, 01 May 2023 00:24:22 GMT
location
https://pixel.servebom.com/partner?cb=8257&svc=us&id=32&uid=38a8cb24600543599a81473ddc58df9a
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
usermatch
ssum-sec.casalemedia.com/ Frame 8BF5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
eeda1288012c465162652482a690362feca4ac37f9106996abf06d0f7410ad44

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1870
Content-Type
text/html
Date
Mon, 01 May 2023 00:24:22 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync_iframe
sync.bfmio.com/ Frame CC25 		390 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=4&id=Purch&gdpr=0&gc=&gce=1
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.45.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-45-124.compute-1.amazonaws.com
Software
/
Resource Hash
bc9f54667cab537f42eb9d56b08586984371c288fe5b19ef31326a089893636b

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
390
Content-Type
text/html
Date
Mon, 01 May 2023 00:24:21 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C45 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?r=6690&p=156007&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D5522%26svc%3Dus%26id%3D46%26uid%3D
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32890
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:24:22 GMT
expires
Mon, 01 May 2023 09:32:32 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B862
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?r=488&p=11868&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?r=488&p=11868&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?r=488&p=11868&endpoint=us-east
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:24:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 01 May 2023 00:24:22 GMT
location
https://eus.rubiconproject.com/usync.html?r=488&p=11868&endpoint=us-east
server
AkamaiGHost
partner
pixel.servebom.com/ Frame 3D87
Redirect Chain
  • https://pixel.advertising.com/ups/58164/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58164/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
  • https://pixel.servebom.com/partner?&svc=us&id=57&uid=y-yoI.V1tE2uFuqAakwiLzaWPR4.mtFddT~A
70 B
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.servebom.com/partner?&svc=us&id=57&uid=y-yoI.V1tE2uFuqAakwiLzaWPR4.mtFddT~A
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-encoding
UTF-8
content-type
image/png
date
Mon, 01 May 2023 00:24:22 GMT
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl

Redirect headers

age
0
content-length
0
date
Mon, 01 May 2023 00:24:22 GMT
location
https://pixel.servebom.com/partner?&svc=us&id=57&uid=y-yoI.V1tE2uFuqAakwiLzaWPR4.mtFddT~A
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
partner
pixel.servebom.com/ Frame D463
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58290/sync?redir=true
  • https://pixel.servebom.com/partner?svc=us&id=61&uid=y-ptgwb0FE2uJ0SyTlUZ08ubeozupTdrg-~A
70 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.servebom.com/partner?svc=us&id=61&uid=y-ptgwb0FE2uJ0SyTlUZ08ubeozupTdrg-~A
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-encoding
UTF-8
content-type
image/png
date
Mon, 01 May 2023 00:24:22 GMT
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl

Redirect headers

age
0
content-length
0
date
Mon, 01 May 2023 00:24:22 GMT
location
https://pixel.servebom.com/partner?svc=us&id=61&uid=y-ptgwb0FE2uJ0SyTlUZ08ubeozupTdrg-~A
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
partner
pixel.servebom.com/ Frame 9F5F
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7607%26svc%3Dus%26id%3D62%26uid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
  • https://pixel.servebom.com/partner?cb=7607&svc=us&id=62&uid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&cookie_age=5
70 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.servebom.com/partner?cb=7607&svc=us&id=62&uid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&cookie_age=5
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-encoding
UTF-8
content-type
image/png
date
Mon, 01 May 2023 00:24:22 GMT
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 01 May 2023 00:24:22 GMT
Location
https://pixel.servebom.com/partner?cb=7607&svc=us&id=62&uid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&cookie_age=5
Server
nginx
partner
pixel.servebom.com/ Frame AFBC
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=dSvJjhJF
  • https://pixel.servebom.com/partner?svc=us&id=64&uid=dfe7fbb1-55ce-41d1-849c-c06fbefaa442
70 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.servebom.com/partner?svc=us&id=64&uid=dfe7fbb1-55ce-41d1-849c-c06fbefaa442
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-encoding
UTF-8
content-type
image/png
date
Mon, 01 May 2023 00:24:22 GMT
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl

Redirect headers

content-length
0
date
Mon, 01 May 2023 00:24:22 GMT
location
https://pixel.servebom.com/partner?svc=us&id=64&uid=dfe7fbb1-55ce-41d1-849c-c06fbefaa442
isync
visitor.omnitagjs.com/visitor/ Frame 91EB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
440dfe3170488271990c0fc096d32ce1b7d0cb36d874ca6dee769247f66c2ac0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1362
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:24:21 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
ramp
ads.servebom.com/ 		483 B
917 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servebom.com/ramp?r=134&o={%22f%22:%22%22,%22p%22:null,%22l%22:%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools%22,%22rf%22:%22%22,%22tt%22:%226%2020of%2020the%2020best%2020free%2020malware%2020removal%2020tools%2020for%2020SMBs%2020in%20202023%2020%207C%2020ITPro%22,%22fs%22:0,%22t%22:%222023-05-01%2000:24:22%22,%22tz%22:0,%22r%22:%221600x1200%22,%22pam%22:%22allowed%22,%22gdprConsent%22:null,%22ccpa%22:null,%22g%22:[],%22a%22:[{%22s%22:%22/10518929/itpro.co.uk/buying-guide/article/leaderboard%22,%22z%22:[[970,250],[970,90],[728,90],[980,240]],%22d%22:%22bordeaux-standard-ad-0%22},{%22s%22:%22/10518929/itpro.co.uk/buying-guide/article/mpu1%22,%22z%22:[[300,600],[300,250],[300,251],[300,601]],%22d%22:%22bordeaux-standard-ad-1%22},{%22s%22:%22/10518929/itpro.co.uk/buying-guide/article/mpu2%22,%22z%22:[[300,600],[300,250],[300,252],[300,602]],%22d%22:%22bordeaux-standard-ad-2%22},{%22s%22:%22/10518929/itpro.co.uk/buying-guide/article/mpu3%22,%22z%22:[[300,600],[300,250],[300,253],[300,603]],%22d%22:%22bordeaux-standard-ad-3%22},{%22s%22:%22/10518929/itpro.co.uk/buying-guide/article/skin%22,%22z%22:[[1,1]],%22d%22:%22bordeaux-standard-ad-4%22},{%22s%22:%22/10518929/itpro.co.uk/buying-guide/article/overlay%22,%22z%22:[[1,1]],%22d%22:%22bordeaux-standard-ad-5%22}],%22ex%22:[],%22tpl%22:%22article%22,%22seg%22:%2273403,83037,83205,84032,85199,85460,88284,89871,91812,94788,103448,105767,109071,110120,113625,113650,131007,145735,bgfz%22,%22fp%22:{%22300x600%22:2.8,%22728x90%22:2.44,%22300x252%22:2.9,%22300x250%22:2.81,%22160x600%22:1.57,%22300x251%22:2.98,%22970x250%22:2.3,%22970x90%22:2.41}}&uuid=a5230486eb3f49ce9f38917325f7cceb
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
48a02185aafbbaf6ad351fd0ee1092ec9ec9329ba209a688394196b78de93fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-hw
1682900662.cds198.dc2.hn,1682900662.cds048.dc2.sc,1682900662.cds048.dc2.p
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.itpro.com
content-type
text/plain
access-control-allow-credentials
true
timing-allow-origin
*
content-length
303
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9e764996-7ce7-4548-a670-6482f1d6a5d0&ssp=sonobi&expires=30&user_group=5&bsw_param=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
49 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
Date
Mon, 01 May 2023 00:24:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&pubid=
49 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&pubid=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&pubid=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
207
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=4321644f-06b3-4d00-9f02-623ffea91b7e
49 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=4321644f-06b3-4d00-9f02-623ffea91b7e
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
Server
MT3 830 785530e master ord-pixel-x20 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=4321644f-06b3-4d00-9f02-623ffea91b7e
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 01 May 2023 00:24:21 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477414459663588
49 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477414459663588
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477414459663588
Date
Mon, 01 May 2023 00:24:22 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=HSYqt5fCNHLv
49 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=HSYqt5fCNHLv
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=HSYqt5fCNHLv
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-lmmsp
expires
-1
user-sync
sync.adkernel.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-asknpzFE2uGLRdPtD2tgHm.g4PO2u73zCHj7M4g-~A
49 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-asknpzFE2uGLRdPtD2tgHm.g4PO2u73zCHj7M4g-~A
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-asknpzFE2uGLRdPtD2tgHm.g4PO2u73zCHj7M4g-~A
date
Mon, 01 May 2023 00:24:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=cd3ab30d3ce34ba7bab30d3ce3bba715
49 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=cd3ab30d3ce34ba7bab30d3ce3bba715
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 01 May 2023 00:24:21 GMT
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.itpro.com
location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=cd3ab30d3ce34ba7bab30d3ce3bba715
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
0
all
ssl-market-east.smrtb.com/sync/ 		0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=d7e8299c-83aa-404a-8a25-2ff9cebaf077
49 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=d7e8299c-83aa-404a-8a25-2ff9cebaf077
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=d7e8299c-83aa-404a-8a25-2ff9cebaf077
date
Mon, 01 May 2023 00:24:22 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
30907
tags.bluekai.com/site/ 		62 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/30907?id=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.156.219 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-156-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 01 May 2023 00:24:22 GMT
content-length
62
content-type
image/gif
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5364052513180930309
49 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5364052513180930309
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1b015075-f73b-4b7f-9945-df167f7fe34e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=5364052513180930309
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=694731493061520576076
49 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=694731493061520576076
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=694731493061520576076
date
Mon, 01 May 2023 00:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Mon, 01 May 2023 00:24:22 GMT
server
Apache-Coyote/1.1
content-length
0
usersync
match.bnmla.com/ 		0
0
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2M1NDM3N2MtNmE5ZS00ZTZhLWIxMmUtNzllY2VjMDRkOWE4
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEBYXz0LLnEFjT3TsXrQEf4w&google_cver=1
49 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEBYXz0LLnEFjT3TsXrQEf4w&google_cver=1
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEBYXz0LLnEFjT3TsXrQEf4w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
54.167.225.48 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-225-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v047-0263f544f.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
CzB0oA4mSNs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v047-021dab21d.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1dg4aAvNR0w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=ce10475c-6251-093a-3f92-0fdcb313a6cb
49 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=ce10475c-6251-093a-3f92-0fdcb313a6cb
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-167
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=ce10475c-6251-093a-3f92-0fdcb313a6cb
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 8BF5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5364052513180930309
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5364052513180930309
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f91cc40d-d2af-4a12-ad95-ecdf616b95b0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5364052513180930309
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZE8GsntS6rVM0F29LL34HgAABTsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8BF5 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZE8GsntS6rVM0F29LL34HgAABTsAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:b3d5:d2d1:9b49:f7b1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 8BF5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4321644f-06b3-4d00-9f02-623ffea91b7e
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4321644f-06b3-4d00-9f02-623ffea91b7e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
Server
MT3 830 785530e master ord-pixel-x19 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4321644f-06b3-4d00-9f02-623ffea91b7e
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 01 May 2023 00:24:21 GMT
rum
dsum-sec.casalemedia.com/ Frame 8BF5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE8GsQAGq1TEpABS
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE8GsQAGq1TEpABS
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yyz4536-YYZ
pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682900662.137809,VS0,VE1
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE8GsQAGq1TEpABS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 8BF5
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4497645360037501104&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4497645360037501104&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4497645360037501104&gdpr=0&gdpr_consent=
date
Mon, 01 May 2023 00:24:21 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 8BF5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4462594004579376896&expiration=1684110262
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4462594004579376896&expiration=1684110262
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4462594004579376896&expiration=1684110262
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 8BF5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259156499483
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259156499483
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
17
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259156499483
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c03e1934ebf4bd1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 8BF5 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:f195:b922:3681:7158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
partner
pixel.servebom.com/ Frame 8BF5 		70 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?cb=6106&svc=us&id=2&uid=ZE8GsntS6rVM0F29LL34HgAA%261339
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?r=1430&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D6106%26svc%3Dus%26id%3D2%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl
content-type
image/png
usync.js
eus.rubiconproject.com/ Frame B862 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?r=488&p=11868&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
738bbcb7d8a22cf89eaee4e1374d580261636592306b0d4dc6207579d7461191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?r=488&p=11868&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 May 2023 00:18:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85983
Connection
keep-alive
Content-Length
10019
Expires
Tue, 02 May 2023 00:17:25 GMT
partner
pixel.servebom.com/ Frame 91EB 		70 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?cb=982&svc=us&id=65&uid=4b08b0b32fc23e482bc09e6374e83696
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl
content-type
image/png
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2f...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5364052513180930309&gdpr=0&gdpr_consent=
49 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5364052513180930309&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f00a68f3-cf9c-4d73-b5c9-e3a2f2cf989c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5364052513180930309&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26vis...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5364052513180930309&gdpr=0&gdpr_consent=
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5364052513180930309&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cb315186-ddf2-4a4b-8687-548d49c667aa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5364052513180930309&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=dEWL0lDaosXV0fFQ3eCF&name=RTB_HOUSE&pi=adyoulike&tc=1
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=dEWL0lDaosXV0fFQ3eCF&name=RTB_HOUSE&pi=adyoulike&tc=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=dEWL0lDaosXV0fFQ3eCF&name=RTB_HOUSE&pi=adyoulike&tc=1
pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT, Mon, 01 May 2023 00:24:22 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame 91EB 		0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=4b08b0b32fc23e482bc09e6374e83696
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-35.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
via
1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
oWrLP4NZL38dPPVaDEftCNXLGbUGpZM817ztb2KOAbOqSG2iLerjqQ==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adyoulike&ssp_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-nJts8iBE2pnbqog8VdL.INK_NsN7b8i25h36wg--~A&expires=5&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&name=BIDSWITCH&gdpr=&gdpr_consent=
Date
Mon, 01 May 2023 00:24:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&name=THE_TRADE_DESK
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&name=THE_TRADE_DESK
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
319
sync
visitor.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAA8Kk7Ing0AACQhPkHy3w&name=BEESWAX
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAA8Kk7Ing0AACQhPkHy3w&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAA8Kk7Ing0AACQhPkHy3w&name=BEESWAX
Date
Mon, 01 May 2023 00:24:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3...
  • https://stags.bluekai.com/site/23178?id=Cx70wqgOv71vzzsto1ul&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=Cx70wqgOv71vzzsto1ul
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=Cx70wqgOv71vzzsto1ul
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=Cx70wqgOv71vzzsto1ul
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
188
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visit...
  • https://stags.bluekai.com/site/23178?id=Cx70wqgOv71vzzsto1ul&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=Cx70wqgOv71vzzsto1ul
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=Cx70wqgOv71vzzsto1ul
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:22 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=Cx70wqgOv71vzzsto1ul
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
192
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=810fd96f-d922-457f-a52a-9afb52bef3ea%20&gdpr_consent=null&gdpr=0
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=810fd96f-d922-457f-a52a-9afb52bef3ea%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=810fd96f-d922-457f-a52a-9afb52bef3ea &gdpr_consent=null&gdpr=0
date
Mon, 01 May 2023 00:24:22 GMT
server
_
content-length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0907220407830ee4b79bfab9&gdpr=0&gdprConsent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0907220407830ee4b79bfab9&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0907220407830ee4b79bfab9&gdpr=0&gdprConsent=
Date
Mon, 01 May 2023 00:24:22 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
sync
visitor.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187&name=STACKADAPT
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187&name=STACKADAPT
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187&name=STACKADAPT
Date
Mon, 01 May 2023 00:24:22 GMT
Connection
keep-alive
Content-Length
191
Content-Type
text/html; charset=utf-8
sync
visitor.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D4b30a0b1f289a261ab592e1e53c126eb%26name%3DSOVRN%26visitor%3D%24UID&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GkeYTLZH5EevHt7VRiGLiTt6
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GkeYTLZH5EevHt7VRiGLiTt6
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GkeYTLZH5EevHt7VRiGLiTt6
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D0f4b0fcde45fe67019618f4c5f35f52e%26name%3DADMIXER%...
  • https://visitor.omnitagjs.com/visitor/sync?uid=0f4b0fcde45fe67019618f4c5f35f52e&name=ADMIXER&visitor=5e656fd8777042b59cc44e11cafdd692
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=0f4b0fcde45fe67019618f4c5f35f52e&name=ADMIXER&visitor=5e656fd8777042b59cc44e11cafdd692
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor.omnitagjs.com/visitor/sync?uid=0f4b0fcde45fe67019618f4c5f35f52e&name=ADMIXER&visitor=5e656fd8777042b59cc44e11cafdd692
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
sync
visitor.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=5f554578-f0f8-5379-a3c6-f0ffc789f649&name=BETWEENX
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=5f554578-f0f8-5379-a3c6-f0ffc789f649&name=BETWEENX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=5f554578-f0f8-5379-a3c6-f0ffc789f649&name=BETWEENX
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 91EB
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=75e96c09-430e-4d69-9c12-98bfda1e9e84&name=BIDTELLECT
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=75e96c09-430e-4d69-9c12-98bfda1e9e84&name=BIDTELLECT
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Mon, 01 May 2023 00:24:04 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=75e96c09-430e-4d69-9c12-98bfda1e9e84&name=BIDTELLECT
cache-control
private,no-cache
content-length
265
expires
-1
711333.gif
id.rlcdn.com/ Frame 91EB 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync.html
s.spotim.market/ Frame D8C8 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:957::2 , United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
14a9815c2f1b0b92ec5413ebcbed084eedc89811879157a2aa57ace42355e709

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1199
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:24:21 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FDD7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32890
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:24:22 GMT
expires
Mon, 01 May 2023 09:32:32 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6FAC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:24:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 01 May 2023 00:24:22 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 4DC2 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 3117
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:24:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 01 May 2023 00:24:22 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 6CA5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:24:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 01 May 2023 00:24:22 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame 6172 		868 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D982%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
c5334a514e2e8d6d1cc3f53117911766a8c1519071edb4008cb6993aecb73136

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
868
content-type
text/html
date
Mon, 01 May 2023 00:24:21 GMT
sync
sync.bfmio.com/ Frame CC25
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=4&id=Purch&gdpr=0&gc=&gce=1
Protocol
HTTP/1.1
Server
52.73.45.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-45-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 01 May 2023 00:24:21 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
183
sync
visitor.omnitagjs.com/visitor/ Frame 6172 		49 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=4497645360037501104&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 6172
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=1500f78c
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=1500f78c
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 01 May 2023 00:24:22 GMT
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=1500f78c
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
U67d27Y4yZUZxOJOdgAk4DYbM1_LvIVURSPLBJodNbzMQeQrMb4rdQ==
/
rtb-csync.smartadserver.com/redir/ Frame 6172
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=HSYqt5fCNHLv&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=HSYqt5fCNHLv&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=HSYqt5fCNHLv&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-lmmsp
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 6172
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=4321644f-06b3-4d00-9f02-623ffea91b7e&gdpr=0&gdpr_consent=
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=4321644f-06b3-4d00-9f02-623ffea91b7e&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
Server
MT3 830 785530e master ord-pixel-x33 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=4321644f-06b3-4d00-9f02-623ffea91b7e&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 01 May 2023 00:24:21 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 6172
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2075%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=2712222862
  • https://sync.1rx.io/usersync3/mediamathtest/2075/4321644f-06b3-4d00-9f02-623ffea91b7e?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-397964c6-f...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
Server
Tengine
ETag
RX397964c6fc9f436aab31b3a253f525d2005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Content-Type
text/html
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame 6FAC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
738bbcb7d8a22cf89eaee4e1374d580261636592306b0d4dc6207579d7461191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 May 2023 00:18:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85983
Connection
keep-alive
Content-Length
10019
Expires
Tue, 02 May 2023 00:17:25 GMT
/
geo.privacymanager.io/ 		30 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f49514fe-dcca-4424-be6a-9f85d01f1ce1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-61.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 08:17:30 GMT
via
1.1 ef066a0102f66b719933dbbef3bc5968.cloudfront.net (CloudFront), 1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, EWR53-P1
age
58012
x-amzn-requestid
47941fda-1b02-43c7-a4e8-34c0d7836a32
x-amzn-trace-id
Root=1-644e241a-311b26fd2404d4b5046f76d1;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
ELqULGDEDoEFx6g=
content-length
30
x-amz-cf-id
XL89VEHD9A_qbERJ83_n3jSBh5MESh0CMGpSJyLmt9l4C8dT4UNj9g==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ 		30 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f49514fe-dcca-4424-be6a-9f85d01f1ce1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-61.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 08:17:30 GMT
via
1.1 ef066a0102f66b719933dbbef3bc5968.cloudfront.net (CloudFront), 1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, EWR53-P1
age
58012
x-amzn-requestid
47941fda-1b02-43c7-a4e8-34c0d7836a32
x-amzn-trace-id
Root=1-644e241a-311b26fd2404d4b5046f76d1;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
ELqULGDEDoEFx6g=
content-length
30
x-amz-cf-id
F6bs5kfTq-VNEAHtrkk3HuBg6IMijQCh8q182dVLJpnPtqK-aQS2lg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
usync.js
eus.rubiconproject.com/ Frame 6CA5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
738bbcb7d8a22cf89eaee4e1374d580261636592306b0d4dc6207579d7461191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 May 2023 00:18:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85983
Connection
keep-alive
Content-Length
10019
Expires
Tue, 02 May 2023 00:17:25 GMT
partner
pixel.servebom.com/ Frame B862
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=11868&r=488&gdpr_consent=undefined&gdpr=0&khaos=LH43LMLB-28-57MV
  • https://pixel.servebom.com/partner?svc=us&id=19&uid=LH43LMLB-28-57MV&gdpr=0&gdpr_consent=undefined
70 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?svc=us&id=19&uid=LH43LMLB-28-57MV&gdpr=0&gdpr_consent=undefined
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900662.cds053.dc2.hn,1682900662.cds053.dc2.sl
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://pixel.servebom.com/partner?svc=us&id=19&uid=LH43LMLB-28-57MV&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
usync.js
eus.rubiconproject.com/ Frame 3117 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
738bbcb7d8a22cf89eaee4e1374d580261636592306b0d4dc6207579d7461191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 May 2023 00:18:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85983
Connection
keep-alive
Content-Length
10019
Expires
Tue, 02 May 2023 00:17:25 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 992D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32890
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:24:22 GMT
expires
Mon, 01 May 2023 09:32:32 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 677C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=5364052513180930309&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=5364052513180930309&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:24:21 GMT
Etag
a09985e324964ebe
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
a098103f-7bfb-4cac-9880-4c6da91ddc7d
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 01 May 2023 00:24:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=5364052513180930309&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
/
onetag-sys.com/usync/ Frame 5B09 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame DD65
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent=
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=694731493061520576076
43 B
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=644680&extuid=694731493061520576076
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:24:21 GMT
Etag
a09985e324964ebe
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 01 May 2023 00:24:22 GMT
location
https://sync.spotim.market/csync?t=a&ep=644680&extuid=694731493061520576076
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.spotim.market/ Frame D8C8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.55%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=8335362194
  • https://sync.1rx.io/usersync3/mediamathtest/2069.55/4321644f-06b3-4d00-9f02-623ffea91b7e?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-397964c6-fc9f-436a-ab31-b...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:21 GMT
Server
Adtelligent
Etag
a09985e324964ebe
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 01 May 2023 00:24:22 GMT
Server
Tengine
ETag
RX397964c6fc9f436aab31b3a253f525d2005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
Content-Type
text/html
Connection
keep-alive
csync
sync.spotim.market/ Frame D8C8
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=5ce37491-0a1a-0ddc-2f26-c6ef107e2503
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=5ce37491-0a1a-0ddc-2f26-c6ef107e2503
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:21 GMT
Server
Adtelligent
Etag
a09985e324964ebe
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:21 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=5ce37491-0a1a-0ddc-2f26-c6ef107e2503
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
birkdg38a5b55u1sbdfav2vkmvqsnv8p
csync
sync.spotim.market/ Frame D8C8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdpr_consent...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&partner_url=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D30901...
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=$0&gdpr_consent=$
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=$0&gdpr_consent=$
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:21 GMT
Server
Adtelligent
Etag
a09985e324964ebe
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Mon, 01 May 2023 00:24:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.spotim.market/csync?t=a&ep=309017&extuid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&gdpr=$0&gdpr_consent=$
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame D8C8
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=a09985e324964ebe&name=OPENWEB
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=a09985e324964ebe&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=a09985e324964ebe&name=OPENWEB
Date
Mon, 01 May 2023 00:24:21 GMT
Server
Adtelligent
Etag
a09985e324964ebe
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 6FAC
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr_consent=undefined&gdpr=0&khaos=LH43LMLB-28-57MV
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LH43LMLB-28-57MV&name=RUBICON&gdpr=0&gdpr_consent=undefined
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LH43LMLB-28-57MV&name=RUBICON&gdpr=0&gdpr_consent=undefined
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:22 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LH43LMLB-28-57MV&name=RUBICON&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2eb7d209ab67664d6226c75331547ba1
Expires
0
integrator.js
adservice.google.ca/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.itpro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.itpro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		153 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3050592382792790&correlator=3853276944750518&eid=31072879%2C31073384%2C31073560%2C44790327&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=10518929%2Citpro.co.uk%2Cbuying-guide%2Carticle%2Cleaderboard%2Cmpu1%2Cmpu2%2Cmpu3%2Cskin%2Coverlay&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6%2C%2F0%2F1%2F2%2F3%2F7%2C%2F0%2F1%2F2%2F3%2F8%2C%2F0%2F1%2F2%2F3%2F9&prev_iu_szs=970x250%7C970x90%7C728x90%7C980x240%2C300x600%7C300x250%7C300x251%7C300x601%2C300x600%7C300x250%7C300x252%7C300x602%2C300x600%7C300x250%7C300x253%7C300x603%2C1x1%2C1x1&ifi=1&adks=59406648%2C2783966023%2C1931669959%2C1510023079%2C1417782470%2C1909268553&sfv=1-0-40&ists=3&prev_scp=_a%3D0%26pos%3D1%26format%3Droadblock%26placement%3Ddfp_rs_desktop_leaderboard_1%26adUnitName%3Dleaderboard%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26_slot%3Dleaderboard%26_slot_type%3Dleaderboard%26auctionId%3D1%26amznbid%3D1yn5kw0%26amznp%3D1rmxtz4%26id%3D8515b66b-e7b6-11ed-aaf9-0acda414d123%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70%2C80%26amzniid%3DJGtJ5j5L2yHcS4nHbE8Eh2QAAAGH1LI4UAEAAAvYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICD7nzCH%26amznsz%3D728x90%7C_a%3D0%26pos%3D1%26format%3Droadblock%26placement%3Ddfp_rs_desktop_mpu_1%26adUnitName%3Dmpu1%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26_slot%3DtopOfSidebar%26_slot_type%3DtopOfSidebar%26auctionId%3D1%26amznbid%3D1cg229s%26amznp%3D1rmxtz4%26id%3D8515b66c-e7b6-11ed-aaf9-0acda414d123%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70%26amzniid%3DJBNOEmyJ2o3CANQNJWfJ0AkAAAGH1LI4UAEAAAvYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBKv9lE%26amznsz%3D300x600%7C_a%3D0%26pos%3D2%26format%3Droadblock%26placement%3Ddfp_rs_desktop_mpu_2%26adUnitName%3Dmpu2%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26_slot%3DbeforePopularBox%26_slot_type%3DbeforePopularBox%26auctionId%3D1%26amznbid%3D1808k5c%26amznp%3D1rmxtz4%26id%3D8515b66d-e7b6-11ed-aaf9-0acda414d123%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%26amzniid%3DJDhDD8AS_gm8ZSH84CO5HngAAAGH1LI4UAEAAAvYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICCKWf77%26amznsz%3D300x250%7C_a%3D0%26pos%3D3%26format%3Dadx%26placement%3Ddfp_rs_desktop_mpu_3%26adUnitName%3Dmpu3%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26_slot%3DafterPopularBox%26_slot_type%3DafterPopularBox%26auctionId%3D1%26amznbid%3D1gvvke8%26amznp%3Dfael1c%26id%3D8515b66e-e7b6-11ed-aaf9-0acda414d123%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70%26amzniid%3DJB-A2menuSuJnog9H1CQD9sAAAGH1LI4UAEAAAvYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBNc_k0%26amznsz%3D300x600%7Coop%3Dskin%26_a%3D0%26format%3Droadblock%26placement%3Ddfp_rs_desktop_skin_oop_1%26adUnitName%3Dskin%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26auctionId%3D1%26id%3D8515b66f-e7b6-11ed-aaf9-0acda414d123%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70%7Coop%3Doverlay%26_a%3D0%26placement%3Ddfp_rs_desktop_overlay_oop_1%26adUnitName%3Doverlay%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26auctionId%3D1%26id%3D8515b670-e7b6-11ed-aaf9-0acda414d123%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70&eri=1&cust_params=permutive%3D73403%252C83037%252C83205%252C84032%252C85199%252C85460%252C88284%252C89871%252C91812%252C94788%252C103448%252C105767%252C109071%252C110120%252C113625%252C113650%252C131007%252C145735%252Cbgfz%252Crts%26prmtvsdk%3Dweb%26puid%3D091cde89-731b-4c81-bd05-0150d761a6a5%26prmtvvid%3D8fc87295-04a1-4187-910e-66f5d25a60d7%26prmtvsid%3D545cbc7d-7782-44e2-ad8d-25199801fc2d%26prmtvwid%3D6093eccf-6734-4877-ac8b-83d6d0e27b46%26site%3Ditprocom%26url%3Dhttps%253A%252F%252Fwww.itpro.com%252Fsecurity%252Fmalware%252F28083%252Fbest-free-malware-removal-tools%26test%3DB%26screen%3Dlarge%26h_id%3DC4D23FADB0DD48F690334327BB251A4D%26source%3D%26product%3D%26kw%3Daccess-metered%252Csourcesocial%252Cserversidehawk%26genre%3D%26vertical%3D%26pagetype%3Dbuying-guide%26manu%3D%26articleid%3Ditpro-pages-28083%26sitePlatform%3Dvanilla%26fepPrimaryProduct%3D6%2520of%2520the%2520best%2520free%2520malware%2520removal%2520tools%2520in%25202023%26fepSecondaryProducts%3DMalware%252CTool%252CFreeware%252CFree%2520software%26fepCompanies%3DMicrosoft%252CMalwarebytes%252CAvast%252CBitdefender%26fepCategory%3DMalware%26fepGroups%3DMalware%252CSecurity%26fepPrimaryCompany%3DSoftware%26primaryCategory%3DMalware%26secondaryCategories%3DMalware%252CSecurity%26_plc%3D358%26ex%3D184%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1506123_PG%252CIAS_1785_KW%252CIAS_3006647_PG%252CIAS_1500693_PG%252CIAS_1508982_PG%252CIAS_753_KW%252CIAS_1507080_PG%252CIAS_7426_KW%26vw%3D40%252C50%252C60%252C70%252C80%252C90%26_rid%3D2060034665146502752%26grm%3D40%252C50%252C60%252C70%252C80%26TUUID%3DC4D23FADB0DD48F690334327BB251A4D%26_chnl%3DWEB%26_ex%3D%257C214%257C296%257C%26_experiment%3D214%252C296%26_sh1080%3D1%26_sw1600%3D1%26id%3D85117043-e7b6-11ed-a9aa-0e674822fd07%26pub%3D40%252C50%252C60%252C70%26_pgid%3D192afec4&ppid=C4D23FADB0DD48F690334327BB251A4D&sc=1&cookie_enabled=1&abxe=1&dt=1682900662626&lmt=1682763847&dlt=1682900655820&idt=1397&adxs=315%2C965%2C965%2C965%2C-12245933%2C-12245933&adys=189%2C857%2C1867%2C3143%2C-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&frm=20&vis=1&psz=980x-1%7C300x-1%7C300x-1%7C300x-1%7C0x0%7C0x0&msz=970x-1%7C300x-1%7C300x-1%7C300x-1%7C0x0%7C0x0&fws=644%2C644%2C644%2C644%2C132%2C132&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=177419201.1682900657&ga_sid=1682900663&ga_hid=1267059334&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
317f809fa16a380c94a89fbdf3c1e909a81996ee88634c95dfda4468b4b58000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28762
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F363 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:24:22 GMT
expires
Tue, 30 Apr 2024 00:24:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3502
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7c03e1972af2ecfa-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 04 May 2023 00:24:22 GMT
contextfeed.js
www.dianomi.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/contextfeed.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:22 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2519
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7c03e1975b24ecfa-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 04 May 2023 00:24:22 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AF78 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=155494&s=&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D5797%26svc%3Dus%26id%3D45%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=1---&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32889
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:24:23 GMT
expires
Mon, 01 May 2023 09:32:32 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
partner
pixel.servebom.com/ Frame CC25
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=132
  • https://pixel.servebom.com/partner?cb=[cachebuster]&svc=us&id=42&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
70 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?cb=[cachebuster]&svc=us&id=42&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:23 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682900663.cds053.dc2.hn,1682900663.cds053.dc2.sl
content-type
image/png

Redirect headers

Location
https://pixel.servebom.com/partner?cb=[cachebuster]&svc=us&id=42&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
Date
Mon, 01 May 2023 00:24:23 GMT
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame CC25
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=137
  • https://s.amazon-adsystem.com/ecm3?id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ex=bf.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ex=bf.com
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J65V6AWNE6T7T7PD5QSC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?id=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ex=bf.com
Date
Mon, 01 May 2023 00:24:22 GMT
Connection
keep-alive
Content-Length
0
container.html
f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5168 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:24:22 GMT
expires
Tue, 30 Apr 2024 00:24:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032304241924000/ Frame 7DA6 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f5de908ba97e78d441fc38fc0e381f4b06f411a0ff4446f4802d07ea8d2109dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 16:52:33 GMT
age
113510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61891
x-xss-protection
0
server
sffe
etag
"641e472bee6cd53d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 16:52:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame 7DA6 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
726aa459952b3019a13f4a978d8d21f5c15079037f5fadc1f19c274a72c836e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Apr 2023 23:10:31 GMT
age
436432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5223
x-xss-protection
0
server
sffe
etag
"e0bd0d1b2f2bac99"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Apr 2024 23:10:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame 7DA6 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c2215854f8c60c26080b0ecac5547a785dcb4c781c46f7e9dd790f111fe4e2fa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 07:09:39 GMT
age
148484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28885
x-xss-protection
0
server
sffe
etag
"131b28345f843a10"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 07:09:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame 7DA6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
36072157fc42d186866f4a3b9c31a9d40d2028b72e4f7962e47d97cb00df909b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 07:15:32 GMT
age
148131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1918
x-xss-protection
0
server
sffe
etag
"ddef4397e6682782"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 07:15:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame 7DA6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d708d6c0dc63199b60c859d18b67ca31990f854c8b70c745bc06a1a951c1ac56
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 17:26:18 GMT
age
111485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12936
x-xss-protection
0
server
sffe
etag
"5876171460beeae3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 17:26:18 GMT
css
fonts.googleapis.com/ Frame 7DA6 		2 KB
971 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
d2c00663067fe7d7a1338308cd6b305fc3ceba58e3cd89066924824d793fbfc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 May 2023 00:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 May 2023 00:20:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 May 2023 00:24:23 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032304241924000/ Frame 491E 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f5de908ba97e78d441fc38fc0e381f4b06f411a0ff4446f4802d07ea8d2109dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 16:52:33 GMT
age
113510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61891
x-xss-protection
0
server
sffe
etag
"641e472bee6cd53d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 16:52:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame 491E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
726aa459952b3019a13f4a978d8d21f5c15079037f5fadc1f19c274a72c836e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Apr 2023 23:10:31 GMT
age
436432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5223
x-xss-protection
0
server
sffe
etag
"e0bd0d1b2f2bac99"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Apr 2024 23:10:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame 491E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c2215854f8c60c26080b0ecac5547a785dcb4c781c46f7e9dd790f111fe4e2fa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 07:09:39 GMT
age
148484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28885
x-xss-protection
0
server
sffe
etag
"131b28345f843a10"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 07:09:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame 491E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
36072157fc42d186866f4a3b9c31a9d40d2028b72e4f7962e47d97cb00df909b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 07:15:32 GMT
age
148131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1918
x-xss-protection
0
server
sffe
etag
"ddef4397e6682782"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 07:15:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame 491E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d708d6c0dc63199b60c859d18b67ca31990f854c8b70c745bc06a1a951c1ac56
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 17:26:18 GMT
age
111485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12936
x-xss-protection
0
server
sffe
etag
"5876171460beeae3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 17:26:18 GMT
truncated
/ Frame 491E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d79442c6c72e38b05fea7118f18b1d3c6b5c5f1749c38ee8c01b175b73f1593

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
container.html
f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FDCB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:24:22 GMT
expires
Tue, 30 Apr 2024 00:24:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7DA6 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
64999
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 01 May 2023 06:21:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7DA6 		295 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
64999
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Mon, 01 May 2023 06:21:04 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/12459279957040547699/ Frame 7DA6 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12459279957040547699/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4qmjHN7hrsTnFK_d1YFlb5_Yop4Uug
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
578bc63c2a2b28a1b7046d040e28a95209006bde769a751f80809a2a5b6cb73b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10936
x-xss-protection
0
last-modified
Mon, 10 Apr 2023 18:15:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 30 Apr 2024 00:24:23 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10291376598067435412/ Frame 7DA6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10291376598067435412/14763004658117789537?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qn5YUO7BiCO3xJpSZlhRV0Idvt83Q
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c1f0a9315cfbe281ecec4e262b8da3420fb5201c22b749930880eed590b9e7bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 13:03:06 GMT
x-content-type-options
nosniff
age
127277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2428
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 17:08:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 13:03:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7DA6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cm71VtgZPZJe4MsLS_gTbvZe4BZ7djadwk7CpvsoRspHlm9YBEAEg5-WiGGD96KKB8AOgAYHJr9QDyAEG4AIAqAMByAMKqgSbAk_Qgsl8r8ID8o7_Jacy6q9KFariW2KnKPU3Ucj8OkL9P5ITDS_7s0wjn6bmg4ftU_tKMT4ydSHvNvb6o2Q6rgjlnnLtoA0o5VLTmC-tWAEkFUDoav1vYL9zQ5HQCfj8aHtPhIoRj3did43pWnVagkunFDVEGduzd5DjRwqzaM3qLha_ScKu5X1ykg5d-zeQT8Xx0GX70WsXFLlG6-LBXsBB3TaSQph6hSbUHZwaKDFz9Qwlwvy-5BEHcnvYHBlh_8FsyM843J0aS7EUngE96iH_sb7mpWoL4K4kuzWMZDgAqhzDpJRxkfdM2rQvfBobxmBsRhBHxHwYWYvb7CPmDF6-3dcxt_clcp1YYNhXGguvm2V50N_E_M0B7MXABI3RldWlBOAEAZIFBAgEGAGSBQQIBRgEoAY3gAe84MuXA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIKJHdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTC9AVAYAXAbIXHgocCAASFHB1Yi0xODk0NTc4OTUwNTMyNTA0GIHHFA&sigh=GZqCv5cKeMk&uach_m=[UACH]&cid=CAQSXgBygQiDK5hMZkj8IYzC2LknM2G9Sbr85VPWhScLZ4SmUV7FQuPqHQMxV6bb79eCjaTFtwVzPC0-n28sZ7qcznwf0IqedUawzzvavPXF6KPkTgxb0KEgFtNQ39Rx_uIYAQ&template_id=492
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
7070182556640528312
tpc.googlesyndication.com/simgad/ Frame 491E 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7070182556640528312?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnCR-zTdgv_Nnq9zllGu2xsMRRh0A
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2481711729c5ed25e10a139be38f993167a9075284e156c00a7796d0bce6e0aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 09:56:35 GMT
x-content-type-options
nosniff
age
138468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59761
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 16:03:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 09:56:35 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 491E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
64999
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 01 May 2023 06:21:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 491E 		295 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
64999
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Mon, 01 May 2023 06:21:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 491E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUegJtgZPZJi4MsLS_gTbvZe4Bc27_qNwg4qQ2LIRubOsmOAtEAEg5-WiGGD96KKB8AOgAavR7NwByAEC4AIAqAMByAMIqgSeAk_QokfyB_ZIN_DtQU2jQghbuHMBaICXnB5qmNW-jIsbwoRxHkU-cbgI2amQjFvC6NO9u7o7tbVXy-7qrbKhELCcCEtGPNyVoCA2mcCgFasOHc8xJWObV5nAOWpSzkaMYb6aKtYqEwB7j2726q0u0qbCSPnRNwRUG-YxiE0TYEdTQkGEO6E7H-HooUoEhcwATZbk0kbc_2Y46in0mPlKI_-FXNw2cEkjoA6nAP3520UGG0nIfbDmGiARZB8ZP6m6vMLl9X5IK6PAtO2VnMlEl6bct7FRLF6koghDF1_0glhaeBQ9cl7dzW91OkzdNK_a8gqbUsGch1OE2QXSPciqDxUxVanygd325BTJguambv8IAkqnNrb5llOie6h2fNTABLqi3aCtBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAe9rpOjAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJHqFtIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0xODk0NTc4OTUwNTMyNTA0GIHHFA&sigh=OtBVX-kOpzQ&uach_m=[UACH]&cid=CAQSXgBygQiDK5hMZkj8IYzC2LknM2G9Sbr85VPWhScLZ4SmUV7FQuPqHQMxV6bb79eCjaTFtwVzPC0-n28sZ7qcznwf0IqedUawzzvavPXF6KPkTgxb0KEgFtNQ39Rx_uIYAQ
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
truncated
/ Frame 7DA6 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4bf13a82e2f59235a6e2836287239284d3644ce8f3728286a7b89e64ae79ad3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
error_handler.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5168 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/error_handler.js
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 20:10:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
15213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3465
x-xss-protection
0
server
cafe
etag
6788195977828770272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 May 2023 20:10:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5168 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BONF-zFk6vtksc_f2zXeRktiKA_R7idkDrqdYJZ3e7QOlE_r_F7BZ7CT2LNg5ffsSU9qfGh9JPBZC9poTb8ZH4QR_6dCIHocowMKxKfC9LVSKUQyc
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5168 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3334868727047606204&x=1&ct=76
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5168 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 01 May 2023 00:24:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5168 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
Origin
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 19:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
15921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 May 2023 19:59:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5168 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
Origin
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 19:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
15921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 May 2023 19:59:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5168 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 May 2023 00:24:23 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame FDCB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/error_handler.js
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 20:10:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
15213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3465
x-xss-protection
0
server
cafe
etag
6788195977828770272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 May 2023 20:10:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDCB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AsUeYowfmex3TYK1D7hLtLczQbfqwUQCmV9vOGCcrnoxHM3Phw6uyhf1B7PReJf8wO_riGnNCajzmWbo7xslbz-_hDshtsjU0lOmk9Bf6REOYNu7g
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDCB 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1052251477374159205&x=1&ct=76
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FDCB 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 01 May 2023 00:24:23 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame FDCB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=3886119&cmp=29290104&plc=358368120&sid=5775970&dvregion=0&unit=300x600
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:769b -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 10:59:51 GMT
Server
Microsoft-IIS/10.0
ETag
"2d4a10aae224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame FDCB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
Origin
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 19:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
15921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 May 2023 19:59:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame FDCB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
Origin
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 19:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
15921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 May 2023 19:59:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FDCB 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 May 2023 00:24:23 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D5EC 		645 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjwggIQhLGDAhj2uPriATAB&v=APEucNVO57coUIMR_50Q3Mvz1ofJIXMFP1GGIeU0SA8L6Q3X0ZW_djIzeGoItOIOcvQ-un3IMoSBbp87_uTG4FtBFMdjBMChGAxJ0be2KMN6qbkAP1u2ppk
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:24:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C3B1 		645 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYnPfF3wEwAQ&v=APEucNV7F1JCoKTHu76ywyxNWOYI2WEt3AX14DD0KnTU7Ss8eX4K4O4Am4Tt6r6Vykp-t6mJ0afOfCe_40gZKaMl3CHumxFx5d6E36cWUkp9HBJWmZSX00E
Requested by
Host: f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
URL: https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:24:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7DA6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
2607:f8b0:4006:80c::2002 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 491E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
2607:f8b0:4006:80c::2002 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame C3B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1&gdpr=0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYnPfF3wEwAQ&v=APEucNV7F1JCoKTHu76ywyxNWOYI2WEt3AX14DD0KnTU7Ss8eX4K4O4Am4Tt6r6Vykp-t6mJ0afOfCe_40gZKaMl3CHumxFx5d6E36cWUkp9HBJWmZSX00E
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C3B1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE8GsntS6rVM0F29LL34HgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYnPfF3wEwAQ&v=APEucNV7F1JCoKTHu76ywyxNWOYI2WEt3AX14DD0KnTU7Ss8eX4K4O4Am4Tt6r6Vykp-t6mJ0afOfCe_40gZKaMl3CHumxFx5d6E36cWUkp9HBJWmZSX00E
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C3B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE-D_c5dgCRT5XKwIRRIe9o&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE-D_c5dgCRT5XKwIRRIe9o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYnPfF3wEwAQ&v=APEucNV7F1JCoKTHu76ywyxNWOYI2WEt3AX14DD0KnTU7Ss8eX4K4O4Am4Tt6r6Vykp-t6mJ0afOfCe_40gZKaMl3CHumxFx5d6E36cWUkp9HBJWmZSX00E
Protocol
HTTP/1.1
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:23 GMT
AN-X-Request-Uuid
66551813-967c-4778-ad89-d6df4810ed81
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE-D_c5dgCRT5XKwIRRIe9o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C3B1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2NDA1MjUxMzE4MDkzMDMwOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2NDA1MjUxMzE4MDkzMDMwOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYnPfF3wEwAQ&v=APEucNV7F1JCoKTHu76ywyxNWOYI2WEt3AX14DD0KnTU7Ss8eX4K4O4Am4Tt6r6Vykp-t6mJ0afOfCe_40gZKaMl3CHumxFx5d6E36cWUkp9HBJWmZSX00E
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 01 May 2023 00:24:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5d24b07a-7197-464d-afd8-dae1b5ca3475
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2NDA1MjUxMzE4MDkzMDMwOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D5EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1&gdpr=0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjwggIQhLGDAhj2uPriATAB&v=APEucNVO57coUIMR_50Q3Mvz1ofJIXMFP1GGIeU0SA8L6Q3X0ZW_djIzeGoItOIOcvQ-un3IMoSBbp87_uTG4FtBFMdjBMChGAxJ0be2KMN6qbkAP1u2ppk
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D5EC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE8GsntS6rVM0F29LL34HgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjwggIQhLGDAhj2uPriATAB&v=APEucNVO57coUIMR_50Q3Mvz1ofJIXMFP1GGIeU0SA8L6Q3X0ZW_djIzeGoItOIOcvQ-un3IMoSBbp87_uTG4FtBFMdjBMChGAxJ0be2KMN6qbkAP1u2ppk
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0vuFLoD47nMlqBmGL__JA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D5EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE-D_c5dgCRT5XKwIRRIe9o&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE-D_c5dgCRT5XKwIRRIe9o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjwggIQhLGDAhj2uPriATAB&v=APEucNVO57coUIMR_50Q3Mvz1ofJIXMFP1GGIeU0SA8L6Q3X0ZW_djIzeGoItOIOcvQ-un3IMoSBbp87_uTG4FtBFMdjBMChGAxJ0be2KMN6qbkAP1u2ppk
Protocol
HTTP/1.1
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:23 GMT
AN-X-Request-Uuid
e2a30959-a919-4c03-a9d1-4b5af701de11
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE-D_c5dgCRT5XKwIRRIe9o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D5EC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2NDA1MjUxMzE4MDkzMDMwOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2NDA1MjUxMzE4MDkzMDMwOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjwggIQhLGDAhj2uPriATAB&v=APEucNVO57coUIMR_50Q3Mvz1ofJIXMFP1GGIeU0SA8L6Q3X0ZW_djIzeGoItOIOcvQ-un3IMoSBbp87_uTG4FtBFMdjBMChGAxJ0be2KMN6qbkAP1u2ppk
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 01 May 2023 00:24:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
966a1d11-d89e-4cb9-b4b5-dd0f0883fd18
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2NDA1MjUxMzE4MDkzMDMwOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5168 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7951395288568&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5168 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7951395288568&version=m202301230201&ct=76&x=1&cor=3334868727047606300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5168 		84 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DV008y5Og0w1sULGp92sgwVYaczogkUxZ9sanyTihck5yznn_hzEKggwLa2rxvNHqr5iz2IxrbUilSFS1p-jmtr4Kyow&cry=1&dbm_d=AKAmf-CQbqB5eYWE3m0mpHzZ3bsgtM4jwAv3NNdV5lxbqLqxqWiE47YLcgpWX_9aCPugm3mv3eV8gaPnJvrjOB_8FksdOzR0S2b2qpD_5xSYqnRy4kwIEUFqE7-DFEIDs9T4-sVO7oiWqWrn2t7gfK-oRWrVM4n-J8NKUnzSaeUbHERn4bIVGxZMEDwf8uAiJBls4eVaaWmZ7ZRZiKJe8DGOp1efvbqzEnYJURnAF0n6cZwx3O5XA1jBHiDcCZujRGDofbp6y4YTqwelzQDYSfTxVVTHTTXFNBeST6qxq8ZbdKtnlHid5FAfNTyN5cybTueTcgR66gMKFNtHT6nQjhKqFDaV-3W-a0-2NM2bHqsgIJ5_XYiLt2b5LaR0X4UsbS5bWEO-oZsI5s2_wAz9GhXW2rXfXymA-bNWrOrNt8KpIYi6bNSJDLSzP1-WaDa_UpzFvrA_57YdCBxCjxCAhylv3i51KNvh-PVRAyNs0H6dtgHwCdZN_9iWnSWeGuITR2HDiLH_A1ZnCrGz61pIZN9QRMDiRP8HxmTppeDtmf_kq_EwP7YTvHVDcd1kjVUeW5n6w9BXBm9_-m9FpZe3pXmtPkXf_Rmr-cAM7Dqwh9JiWY44mHYCPT0uNQuGAXXc2ckX8S4tQU9Dxt0CNp8Hz9O2RUhMxyp84FOieZyZhhjOWC_wfDGbHTQ3Z78mOK7deaZFy34Kgfvs44rcCYmuxRhLXVqXBMz2Y1IzeaeSVJGcxaQGUj6Sn6j9tHcDIFiDIsMAH9p8f7MhzlCFHHOwkkmIWQjs-N95ygsecYhu-efdQjY6LHCLHsKWvDIQg4PUVguqD9Je9b-bIqZ0AVBABpeMR9QQ_5FIFN7bQMR6v_1yL3P6oF3l_DIEQ8Nd1APRkF7rURWclNsgH71ejc68ePdqO2o7J6B9kgXOjLrAeLITsuNWp29V-ddOsx2ko9D46n7gRZYG9F-K7tFjou39hD07lOfTXxBe2fG9t9pt1vyewoqMCLx54DsIZsdcC_aWXNmW1jcluYU2zQ-bpRO2vU1GJ8s7guyV1K73QxVZu_UofJ_ILfBlI-qp0-SSmQs4CTCOOYzv2tJ50r9H16zKNKCshlSzdZZ5DfbP5ZR-cCCfydG9a7YR1AAyNyKIQODvVosq4QsX17O7FeGMYnKlfj_H_m7z-GrzhD8HiQcD-_DHWOC_8l8g6JsI0l55O3l8WJXcDsEy9gB50X-shcgR9y7tuXxyUqM6mqtwt9gJ_eU0NuPlrNv8Ck3pHmuPaQksKk24eHNNLaNPrcwk51ekybQU-GTknnnZ0nMXhCbiUlRdepZpN3jmlYPP04t6rRh4G1aTOI0Xg3-sn5fUuJ00yOSyB0I9_nJ9zvfAdeiT6s74dajXJEM7bqbpi7vFvxMhZV5CXdq5u6uLVGu6ghEQJE2HP1X_azUAT0fmMB4qia4aFkW9kqIjo3NtsfXZxuSxEkxP6UxAjKtYwZNUqtpx6VuUfCXvycStnyLB7J5ApYrZC4wYUNuIDrF6Q157CfWYiEBqzswHhAdzySQQUQAd2bRh7aQghrRqkH0bAPX1BI3FGuQgcAA6-_2pISAc9tzJAC8UyssBVlfBwxE9n0hWftOqKKXNvFREFZJ8GDn9nhRldsRiFl9lIcqJMaBJeCitYiITf5Bv1yW7beNuAOwacNzrytCLEJejj0ZTKx3wc2sIp5Ur76CSQ1lcoYhT21LH_4lsV9jejaEP0Gm5EZUm4vbuSld60q1AmltER2DJPOF6iV8DSFF0CENtE3psQwUsFSOvn3slGGwXcNZ7bL29-DUF_XfDkKAl2jQR7oC4YGZ-TlVwcuh918hg3lbBxf-wS2iZR2OQd8jL_zE1UNQc5n05RZizMIAxdfQ_ilg9ydj_oT4OOfc2DQVE6icc-n7s-GnL_c0d9eXgUeceKNiOA8D7Na_nGMEfvRpjBXu6yCE4lNvnMsCdpJl8HRDFIlFoSi2Fn3q7UBZZ52pgkn6uaZ0Qq7aOByqHyIcozOx-uPmjxF-URopuZkuTtQ_lzMNETykcNIwsdelVqPdEy52-jsNNBlzxRVX9vkqF-lVbsbs7BEvfShk-WTFIBK-pezH7S5T-UsRXZ-zI3cP9pUQNEPBZNMkE3izuuk4JiydYnLD_4ioEkdXcAp6XimXJ2orh8SzJV_yLcn4JMy3oTcOut0qhLt_OxzonEtKZ1oE6iBNaLv1930B1sGoGcGHlIZKUR9GyzhoCt9txQP0ZgqJDLnUMlcAzl1vUyTGR54kLd91CI8Bi7QGPhEk1gsi8tnH_ApXtaKJn2gX6tsKcddZnyDJOiaTd9pHzbB9TW8mj9bp1hcqdw3Rv51oWK-JczyBwVffY4O5hiG7VXsbpx2zS7ZuIz-GZI9YB0U7tJfg_NNfdLXUq5S-qubNy-e5Nhu_uihX49LqtAY0Kln26vpw2qzWIYueK_aBck20O93Gyp1tIFt3ltnLc8XhqnSZBof9EWlDaYg3d_p0izYSC1c4ydN3uSIhCQi7WtmFJ0Z0cFYoS-WNFBwSU88ACLpbJc04olX0WM0GpN9tnay0ea8Ox982HBn919npyOiRscrjsAkozV9aJoexdHv2ppabIHu7hMjdy3FdhNJP8dRjLjwgYiWi0UMv1pkKrsRr-sco4wSVVAKpCnimdnvUpfuRFPZNiSJyHLxAv0Mr5Aqhoxwnoi3sHVvFSYgMAnTrh1wk-_y3XsF5Mq3RVa9Vr5KwXu3-J6U7f5FShkIa87P6gy7AhdLn2W_5dKQp2oVJBfWexyOhCnfCcIJFlNcV_NhBWl01F00kj0VOvMQMqLhFSMJHfLzXKPuGWSgAlYGN237vJOtKG6B9i-Tef-ZnLRfuJfbk1ofTCv5yIjSg713deWoGcvAJTPkjsTFkJEW6voN2_tJecx_Uhs9FSwUBZFBISyBaxqATQyVGGlGjF99Sbt4h-vpAs2BrR0PUDtMI2uhurX0X3Pfrd-sz5CuCa7qBi8vfA4Bx7tbUn2jYsAnhnf-hSinVWUg5RxXU1qcVXQlog5m8r5z0TeHOvevksTQq9ErMUZxc4stAPxN7uMpAn4PpbskbhN-fy05sjHoSb2DR1CzS1PqCOUGvyBzu-UuAPN5Ghs0aqKq3Ll3aMI9_B1yja5PMeqt4W0b19kFeHPCRg96kKb9aBszppMOsRccC--8krZozH-Y7AyaFIvPwokUiDRXDKPRV7KLqMEvJwofaEAMnQK7kbAj3Fr6UGpbcTd7Fj57W4D7FoYSE236A0OhVDrg6m7NoACvjr6jhK9ahrvbnL4fb7xUm5sY02yFX2wyUVIEvHwHcx5SJGzNpkATwensQTim4ncnW5sO3zwEbGOUHmrxuRzNzraHu2Q60gB8rRGM6qYoMrp98G-TTfT6u4_GKiNhEvFZds08ysKAmY8uMNjp3wuxT6lWmPUrBIEForNLRTTxcr-cjuN1F2Q_y9uKbdtGatHAfcLn_2pYR_xmQy5X6MGX1GjjSQGUUMyPuWmbh17xyrglSbB0-_XbIQ0StKx_T2oWd37vV_d-LtczVhOFHwXl5ZwDI6sDKN_zkvZY6F1lzh3e91Gkedr-SkicqSRrK5i8KVHQ&cid=CAQSXgBygQiDK5hMZkj8IYzC2LknM2G9Sbr85VPWhScLZ4SmUV7FQuPqHQMxV6bb79eCjaTFtwVzPC0-n28sZ7qcznwf0IqedUawzzvavPXF6KPkTgxb0KEgFtNQ39Rx_uIYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.itpro.com%2F&ds=l&xdt=1&iif=1&cor=3334868727047606300&adk=2975593758&idt=167&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
fedda7bf85704daade6f452eff1d6394ae75b87a5fdf7f5f7513962a41ece630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35897
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDCB 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9704303540663&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDCB 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9704303540663&version=m202301230201&ct=76&x=1&cor=1052251477374159200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FDCB 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGNpu2e8n8S6u7AyRIH-eQuV6UdWbJLhwfq6vvR9RSd5rLyjY74MWORJiL1q_sa-TXuHmUq6A17Er6u0oBa4awXo6hIa2MuVLEDNvrRbd8PlQMVbP5PlV-D9CTWAs5Zxeif-0NjkqLsa99-0LXp3IpgU7ofeWdKg8G8dSRhKYTyWQ-boE&cry=1&dbm_d=AKAmf-CKXlQxJN6QGqP8Q5HVxOvMxT37KWUF7QeV-0vllhptr6TSv1Gk1GoM9sQ6MZ2s7h5EWDgGLIzzKNZleJrkWXtT_q2Dq24Cz6-jgzycl8vTGBUMyMLywy-Z6A6dzz4HVZ67BbnXE7eL1buGC1trtiLxN32Bk8UX_kU9e5qQx-jVP_D_3aDU9VKhm4Geh1-AbIEuDDKNJqkYkOcSW8xoq_BV1_nO2KYXuQk7NGe3r5FLgup6OINRSZiAL1hcb40b4MBfGJO1LpE49uTpO0Lk55nj4YRlqUAJ0-DP6Ti_ZKKZ4Pl2PYaxtbN6G5c2jx1zNZv6Au61Iw35Xs37Rmb2lB93lKxLDD9TQ5UqonlH4mxI2ouIpAVqmYTlaRPh6Xq_awFFA79eisdsr-YCd2IfJZe5h5edDY2mKrudZoPPeMgVFmX_B258g7LQeu45mTqv5TLfzywW8toAnZZWKreuiRVvWIFrFDXRnTrf33UNdPOhtmgaPkzdYR16Mdk2sn4CAT3ALLjny4zcdIsT2yIdr1TKQPiKNF51x6N8JfysOXy2nz-DsVK5Vaach1NkJwzUYHD_XrbUAD_yjAJGDie8FxginpDa7oO6VNCoQKBGou-G4okzyUHkvYMRARvpW_lcNr8XWOVIVkYryKurINLCsSFtiBDHEiPu6tPMKHFoWOFexH84oxBWL8Q_XftvR5cfgusVHhyyugwgA70E1SIEl0F3oNF86HyX8d9jWBdTaCU02lQ8rBilMQ3hkhPELyClNFMF0ye4RcJCZcZTdXrdqx2TjLZnkfSsOXi7wFi9Hax5FTNHdrbpR1QuyfFOWwYfDugZXqKm1MNAR0t-FOLAAKVWYffzHefmDInWvDGEjFN6DOOCWUtNYlw_88ka-oH3p1NmxmkT5sxkqzIV47nNUemWXMshsOwy7UpSQLoHogmu349he-d8H8c4kK7aA9oRhxA2FEnrQaPmECOnGyD4A3yH6gOZU2wg8FxxSuP2HiF2uammLVZjMQq0ANG2AqaEC9Zt2QBWFdlnlb-oOUExXWaR_7aavl01C4zPW0mjuW5G5U7FJYWNOUcqwdcP1UwSEtD3QlW_x2JWEMLhoA2N1N2liic3TmMaGchSHm9MnnPOe3A1HQBx5eJv8VXnyemunCvyNbgN0ti2Ic6faMyGklnZvc8Z2O3yqf4V_F_bAMKCd5EXRyr_PheQPbkyMigwKlYjmEudqDDN2ayS0zDacYomgqBrZJDsbUxm3YILxPL5ei8pZprtH7pe1tIzF5myp_MtJ1QTJt_l57NTW0Mzh1t5BocP-FXdez0f4UNBgxP8pzQn9U-qNxs_xZ8__go2YX4tx4NQNAk3ZjUR96jbNIcadb5tF7G9nYnI90NttWgrLDDxKeQ67keQTi5_A5uEzQ9KfgsMteiMxzDd4eTaYtUk_JxIswZxye4s-sZv-M6yw4GX5qTod-3gc1XkIYm8wRN9uNA8R97zR3TlkNXuf2w-12Rte2DVBeiVkQZEfmfpjbbvSJo6olwQLOjwioPi_YZux3qfdSbnV_FYvXlEBsZguFsz2OQdMbapUxf8FiJXjDMav58xEoDTHa3xmTYf0npcsoQbTw4yxfhRYw2rpvIdLHyC2n86YlVuFRz3DpB8BENs_u3iroes1PY679u9b-6jMoHnn_Dnf8ZQXpnak2NXKiqDLzApFf8OCUeefdc1wEBb-4Eb_N1aSG255C5ffdzFxPSyk6SCnO0ez9ZbU5nnxZ7xwEXv1tQyqEXDhb755V4sFBt0oBxLzThjQEi_3BRs3Gp9CbED7SuaYTyhJcndkiMneaTs-7QtjN-kkpGBIsGYyYSGfrqSqRiHBfYx1F9yMHz_AZpB6r8DdXowJsG5sYYtnAFd1ORKqe7zqz__WQgIKhVXo1mY15fw5nUxGIDnWZwTz5jX-boTrt1pTZyGuo0KdoF-86VqHUeeebhuitoYVlPOAxWzWj8txxwHnqZEuZ8d-OzNHnDaIEoThk0n1PV1US1S4BPDUr76OU-M-c5rCqs1DVvQet49XMyIMImsFNpvi-fW1vyIrOjR7bZ5ddFizpEZ0r_INAwLzY1gxxvGblkb7Sdzqelf2JUXC9io9aVYXj3zhyN2f2ZXjynW4_g28arJmsn8M5Bxc5kILADTm-M5zmv3n2vholq8QDpT5ePJw2VWed-gBzsJf3oiRvtpZ_ZAlRsMC-h9mlc0lYxD39n-uOoe7y-BV_FHOELa_cMvoDAhjjI-f23uzCbhxfGoFbP_SeNgeO8_ib4HWfFAaATn3D3f9lbksriwYJtbNbjNOcFxrolPXKEMUy_ZrkRYcygddXzYVlAu0em9o8YLogAcNMg2iKorHetMIvuQwoMOCFBkDSyt2Q2V9EJ9mXMHO_E9ov5KU7FGhjplz5RrFdZct2ax1-EhhzghBFem_NYZwuhl5t9sVSk4szsvnJFKyyxg14wvzRInhWkfCniYyAAKznOCFsNXA5O9L9poRtZxW4M4Yl8_kOynmR97cgMeAeiE06e3xijWbZ8PUjXGXykGoSFiQuXGTSKGBWtMtoeZVxr3IkVa-OEr0gwFpIFTl74H-fTBRiJMgCvs1NdVoIkbJDQclFECRFJ8Xzt1qbX5XeUReYBPtfAjFQQKfOMx-3hF50scMIcbp_DUNu4FwMkiYuK85zWXNMFyqlrwnlheUMDrLaTmbf3kzTa4Q5zOCh5EjFDAvgyF7IJVRyoUa4XW_Mu8bDbQ6W6Cv4CEo6v-arUNRHk3jXAaiT_2vHu9xCL1e7cycGMWTyP-5p6in4aAytcoJFPM1dOWgz-_9-M6S8XxsIjHxFYKDYlcfJRyaiVmmAp8IXUPOTr5gW30PsBOdFp19hTMQ1rznEItv099JDtSXmxlb-m7VTYeqKzsQ34L72QD-OsqCA3w8LvSdKXxJDbz_L8qEW3yyw6oTNPS5UibR4r-IrGvU13cY-hQzM6rkKS7gNklr1SWArQcu50&cid=CAQSXgBygQiDK5hMZkj8IYzC2LknM2G9Sbr85VPWhScLZ4SmUV7FQuPqHQMxV6bb79eCjaTFtwVzPC0-n28sZ7qcznwf0IqedUawzzvavPXF6KPkTgxb0KEgFtNQ39Rx_uIYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.itpro.com%2F&ds=l&xdt=1&iif=1&cor=1052251477374159200&adk=2742791599&idt=201&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8d9e99ad2464f164ee445ac909a6fbcc2262c5996bfd8c0fc2f24b65f4b28800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11353
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 5168 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
Origin
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 16:30:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 16:30:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 5168 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DV008y5Og0w1sULGp92sgwVYaczogkUxZ9sanyTihck5yznn_hzEKggwLa2rxvNHqr5iz2IxrbUilSFS1p-jmtr4Kyow&cry=1&dbm_d=AKAmf-CQbqB5eYWE3m0mpHzZ3bsgtM4jwAv3NNdV5lxbqLqxqWiE47YLcgpWX_9aCPugm3mv3eV8gaPnJvrjOB_8FksdOzR0S2b2qpD_5xSYqnRy4kwIEUFqE7-DFEIDs9T4-sVO7oiWqWrn2t7gfK-oRWrVM4n-J8NKUnzSaeUbHERn4bIVGxZMEDwf8uAiJBls4eVaaWmZ7ZRZiKJe8DGOp1efvbqzEnYJURnAF0n6cZwx3O5XA1jBHiDcCZujRGDofbp6y4YTqwelzQDYSfTxVVTHTTXFNBeST6qxq8ZbdKtnlHid5FAfNTyN5cybTueTcgR66gMKFNtHT6nQjhKqFDaV-3W-a0-2NM2bHqsgIJ5_XYiLt2b5LaR0X4UsbS5bWEO-oZsI5s2_wAz9GhXW2rXfXymA-bNWrOrNt8KpIYi6bNSJDLSzP1-WaDa_UpzFvrA_57YdCBxCjxCAhylv3i51KNvh-PVRAyNs0H6dtgHwCdZN_9iWnSWeGuITR2HDiLH_A1ZnCrGz61pIZN9QRMDiRP8HxmTppeDtmf_kq_EwP7YTvHVDcd1kjVUeW5n6w9BXBm9_-m9FpZe3pXmtPkXf_Rmr-cAM7Dqwh9JiWY44mHYCPT0uNQuGAXXc2ckX8S4tQU9Dxt0CNp8Hz9O2RUhMxyp84FOieZyZhhjOWC_wfDGbHTQ3Z78mOK7deaZFy34Kgfvs44rcCYmuxRhLXVqXBMz2Y1IzeaeSVJGcxaQGUj6Sn6j9tHcDIFiDIsMAH9p8f7MhzlCFHHOwkkmIWQjs-N95ygsecYhu-efdQjY6LHCLHsKWvDIQg4PUVguqD9Je9b-bIqZ0AVBABpeMR9QQ_5FIFN7bQMR6v_1yL3P6oF3l_DIEQ8Nd1APRkF7rURWclNsgH71ejc68ePdqO2o7J6B9kgXOjLrAeLITsuNWp29V-ddOsx2ko9D46n7gRZYG9F-K7tFjou39hD07lOfTXxBe2fG9t9pt1vyewoqMCLx54DsIZsdcC_aWXNmW1jcluYU2zQ-bpRO2vU1GJ8s7guyV1K73QxVZu_UofJ_ILfBlI-qp0-SSmQs4CTCOOYzv2tJ50r9H16zKNKCshlSzdZZ5DfbP5ZR-cCCfydG9a7YR1AAyNyKIQODvVosq4QsX17O7FeGMYnKlfj_H_m7z-GrzhD8HiQcD-_DHWOC_8l8g6JsI0l55O3l8WJXcDsEy9gB50X-shcgR9y7tuXxyUqM6mqtwt9gJ_eU0NuPlrNv8Ck3pHmuPaQksKk24eHNNLaNPrcwk51ekybQU-GTknnnZ0nMXhCbiUlRdepZpN3jmlYPP04t6rRh4G1aTOI0Xg3-sn5fUuJ00yOSyB0I9_nJ9zvfAdeiT6s74dajXJEM7bqbpi7vFvxMhZV5CXdq5u6uLVGu6ghEQJE2HP1X_azUAT0fmMB4qia4aFkW9kqIjo3NtsfXZxuSxEkxP6UxAjKtYwZNUqtpx6VuUfCXvycStnyLB7J5ApYrZC4wYUNuIDrF6Q157CfWYiEBqzswHhAdzySQQUQAd2bRh7aQghrRqkH0bAPX1BI3FGuQgcAA6-_2pISAc9tzJAC8UyssBVlfBwxE9n0hWftOqKKXNvFREFZJ8GDn9nhRldsRiFl9lIcqJMaBJeCitYiITf5Bv1yW7beNuAOwacNzrytCLEJejj0ZTKx3wc2sIp5Ur76CSQ1lcoYhT21LH_4lsV9jejaEP0Gm5EZUm4vbuSld60q1AmltER2DJPOF6iV8DSFF0CENtE3psQwUsFSOvn3slGGwXcNZ7bL29-DUF_XfDkKAl2jQR7oC4YGZ-TlVwcuh918hg3lbBxf-wS2iZR2OQd8jL_zE1UNQc5n05RZizMIAxdfQ_ilg9ydj_oT4OOfc2DQVE6icc-n7s-GnL_c0d9eXgUeceKNiOA8D7Na_nGMEfvRpjBXu6yCE4lNvnMsCdpJl8HRDFIlFoSi2Fn3q7UBZZ52pgkn6uaZ0Qq7aOByqHyIcozOx-uPmjxF-URopuZkuTtQ_lzMNETykcNIwsdelVqPdEy52-jsNNBlzxRVX9vkqF-lVbsbs7BEvfShk-WTFIBK-pezH7S5T-UsRXZ-zI3cP9pUQNEPBZNMkE3izuuk4JiydYnLD_4ioEkdXcAp6XimXJ2orh8SzJV_yLcn4JMy3oTcOut0qhLt_OxzonEtKZ1oE6iBNaLv1930B1sGoGcGHlIZKUR9GyzhoCt9txQP0ZgqJDLnUMlcAzl1vUyTGR54kLd91CI8Bi7QGPhEk1gsi8tnH_ApXtaKJn2gX6tsKcddZnyDJOiaTd9pHzbB9TW8mj9bp1hcqdw3Rv51oWK-JczyBwVffY4O5hiG7VXsbpx2zS7ZuIz-GZI9YB0U7tJfg_NNfdLXUq5S-qubNy-e5Nhu_uihX49LqtAY0Kln26vpw2qzWIYueK_aBck20O93Gyp1tIFt3ltnLc8XhqnSZBof9EWlDaYg3d_p0izYSC1c4ydN3uSIhCQi7WtmFJ0Z0cFYoS-WNFBwSU88ACLpbJc04olX0WM0GpN9tnay0ea8Ox982HBn919npyOiRscrjsAkozV9aJoexdHv2ppabIHu7hMjdy3FdhNJP8dRjLjwgYiWi0UMv1pkKrsRr-sco4wSVVAKpCnimdnvUpfuRFPZNiSJyHLxAv0Mr5Aqhoxwnoi3sHVvFSYgMAnTrh1wk-_y3XsF5Mq3RVa9Vr5KwXu3-J6U7f5FShkIa87P6gy7AhdLn2W_5dKQp2oVJBfWexyOhCnfCcIJFlNcV_NhBWl01F00kj0VOvMQMqLhFSMJHfLzXKPuGWSgAlYGN237vJOtKG6B9i-Tef-ZnLRfuJfbk1ofTCv5yIjSg713deWoGcvAJTPkjsTFkJEW6voN2_tJecx_Uhs9FSwUBZFBISyBaxqATQyVGGlGjF99Sbt4h-vpAs2BrR0PUDtMI2uhurX0X3Pfrd-sz5CuCa7qBi8vfA4Bx7tbUn2jYsAnhnf-hSinVWUg5RxXU1qcVXQlog5m8r5z0TeHOvevksTQq9ErMUZxc4stAPxN7uMpAn4PpbskbhN-fy05sjHoSb2DR1CzS1PqCOUGvyBzu-UuAPN5Ghs0aqKq3Ll3aMI9_B1yja5PMeqt4W0b19kFeHPCRg96kKb9aBszppMOsRccC--8krZozH-Y7AyaFIvPwokUiDRXDKPRV7KLqMEvJwofaEAMnQK7kbAj3Fr6UGpbcTd7Fj57W4D7FoYSE236A0OhVDrg6m7NoACvjr6jhK9ahrvbnL4fb7xUm5sY02yFX2wyUVIEvHwHcx5SJGzNpkATwensQTim4ncnW5sO3zwEbGOUHmrxuRzNzraHu2Q60gB8rRGM6qYoMrp98G-TTfT6u4_GKiNhEvFZds08ysKAmY8uMNjp3wuxT6lWmPUrBIEForNLRTTxcr-cjuN1F2Q_y9uKbdtGatHAfcLn_2pYR_xmQy5X6MGX1GjjSQGUUMyPuWmbh17xyrglSbB0-_XbIQ0StKx_T2oWd37vV_d-LtczVhOFHwXl5ZwDI6sDKN_zkvZY6F1lzh3e91Gkedr-SkicqSRrK5i8KVHQ&cid=CAQSXgBygQiDK5hMZkj8IYzC2LknM2G9Sbr85VPWhScLZ4SmUV7FQuPqHQMxV6bb79eCjaTFtwVzPC0-n28sZ7qcznwf0IqedUawzzvavPXF6KPkTgxb0KEgFtNQ39Rx_uIYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.itpro.com%2F&ds=l&xdt=1&iif=1&cor=3334868727047606300&adk=2975593758&idt=167&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 16:30:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
28427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 May 2023 16:30:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 5168 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DV008y5Og0w1sULGp92sgwVYaczogkUxZ9sanyTihck5yznn_hzEKggwLa2rxvNHqr5iz2IxrbUilSFS1p-jmtr4Kyow&cry=1&dbm_d=AKAmf-CQbqB5eYWE3m0mpHzZ3bsgtM4jwAv3NNdV5lxbqLqxqWiE47YLcgpWX_9aCPugm3mv3eV8gaPnJvrjOB_8FksdOzR0S2b2qpD_5xSYqnRy4kwIEUFqE7-DFEIDs9T4-sVO7oiWqWrn2t7gfK-oRWrVM4n-J8NKUnzSaeUbHERn4bIVGxZMEDwf8uAiJBls4eVaaWmZ7ZRZiKJe8DGOp1efvbqzEnYJURnAF0n6cZwx3O5XA1jBHiDcCZujRGDofbp6y4YTqwelzQDYSfTxVVTHTTXFNBeST6qxq8ZbdKtnlHid5FAfNTyN5cybTueTcgR66gMKFNtHT6nQjhKqFDaV-3W-a0-2NM2bHqsgIJ5_XYiLt2b5LaR0X4UsbS5bWEO-oZsI5s2_wAz9GhXW2rXfXymA-bNWrOrNt8KpIYi6bNSJDLSzP1-WaDa_UpzFvrA_57YdCBxCjxCAhylv3i51KNvh-PVRAyNs0H6dtgHwCdZN_9iWnSWeGuITR2HDiLH_A1ZnCrGz61pIZN9QRMDiRP8HxmTppeDtmf_kq_EwP7YTvHVDcd1kjVUeW5n6w9BXBm9_-m9FpZe3pXmtPkXf_Rmr-cAM7Dqwh9JiWY44mHYCPT0uNQuGAXXc2ckX8S4tQU9Dxt0CNp8Hz9O2RUhMxyp84FOieZyZhhjOWC_wfDGbHTQ3Z78mOK7deaZFy34Kgfvs44rcCYmuxRhLXVqXBMz2Y1IzeaeSVJGcxaQGUj6Sn6j9tHcDIFiDIsMAH9p8f7MhzlCFHHOwkkmIWQjs-N95ygsecYhu-efdQjY6LHCLHsKWvDIQg4PUVguqD9Je9b-bIqZ0AVBABpeMR9QQ_5FIFN7bQMR6v_1yL3P6oF3l_DIEQ8Nd1APRkF7rURWclNsgH71ejc68ePdqO2o7J6B9kgXOjLrAeLITsuNWp29V-ddOsx2ko9D46n7gRZYG9F-K7tFjou39hD07lOfTXxBe2fG9t9pt1vyewoqMCLx54DsIZsdcC_aWXNmW1jcluYU2zQ-bpRO2vU1GJ8s7guyV1K73QxVZu_UofJ_ILfBlI-qp0-SSmQs4CTCOOYzv2tJ50r9H16zKNKCshlSzdZZ5DfbP5ZR-cCCfydG9a7YR1AAyNyKIQODvVosq4QsX17O7FeGMYnKlfj_H_m7z-GrzhD8HiQcD-_DHWOC_8l8g6JsI0l55O3l8WJXcDsEy9gB50X-shcgR9y7tuXxyUqM6mqtwt9gJ_eU0NuPlrNv8Ck3pHmuPaQksKk24eHNNLaNPrcwk51ekybQU-GTknnnZ0nMXhCbiUlRdepZpN3jmlYPP04t6rRh4G1aTOI0Xg3-sn5fUuJ00yOSyB0I9_nJ9zvfAdeiT6s74dajXJEM7bqbpi7vFvxMhZV5CXdq5u6uLVGu6ghEQJE2HP1X_azUAT0fmMB4qia4aFkW9kqIjo3NtsfXZxuSxEkxP6UxAjKtYwZNUqtpx6VuUfCXvycStnyLB7J5ApYrZC4wYUNuIDrF6Q157CfWYiEBqzswHhAdzySQQUQAd2bRh7aQghrRqkH0bAPX1BI3FGuQgcAA6-_2pISAc9tzJAC8UyssBVlfBwxE9n0hWftOqKKXNvFREFZJ8GDn9nhRldsRiFl9lIcqJMaBJeCitYiITf5Bv1yW7beNuAOwacNzrytCLEJejj0ZTKx3wc2sIp5Ur76CSQ1lcoYhT21LH_4lsV9jejaEP0Gm5EZUm4vbuSld60q1AmltER2DJPOF6iV8DSFF0CENtE3psQwUsFSOvn3slGGwXcNZ7bL29-DUF_XfDkKAl2jQR7oC4YGZ-TlVwcuh918hg3lbBxf-wS2iZR2OQd8jL_zE1UNQc5n05RZizMIAxdfQ_ilg9ydj_oT4OOfc2DQVE6icc-n7s-GnL_c0d9eXgUeceKNiOA8D7Na_nGMEfvRpjBXu6yCE4lNvnMsCdpJl8HRDFIlFoSi2Fn3q7UBZZ52pgkn6uaZ0Qq7aOByqHyIcozOx-uPmjxF-URopuZkuTtQ_lzMNETykcNIwsdelVqPdEy52-jsNNBlzxRVX9vkqF-lVbsbs7BEvfShk-WTFIBK-pezH7S5T-UsRXZ-zI3cP9pUQNEPBZNMkE3izuuk4JiydYnLD_4ioEkdXcAp6XimXJ2orh8SzJV_yLcn4JMy3oTcOut0qhLt_OxzonEtKZ1oE6iBNaLv1930B1sGoGcGHlIZKUR9GyzhoCt9txQP0ZgqJDLnUMlcAzl1vUyTGR54kLd91CI8Bi7QGPhEk1gsi8tnH_ApXtaKJn2gX6tsKcddZnyDJOiaTd9pHzbB9TW8mj9bp1hcqdw3Rv51oWK-JczyBwVffY4O5hiG7VXsbpx2zS7ZuIz-GZI9YB0U7tJfg_NNfdLXUq5S-qubNy-e5Nhu_uihX49LqtAY0Kln26vpw2qzWIYueK_aBck20O93Gyp1tIFt3ltnLc8XhqnSZBof9EWlDaYg3d_p0izYSC1c4ydN3uSIhCQi7WtmFJ0Z0cFYoS-WNFBwSU88ACLpbJc04olX0WM0GpN9tnay0ea8Ox982HBn919npyOiRscrjsAkozV9aJoexdHv2ppabIHu7hMjdy3FdhNJP8dRjLjwgYiWi0UMv1pkKrsRr-sco4wSVVAKpCnimdnvUpfuRFPZNiSJyHLxAv0Mr5Aqhoxwnoi3sHVvFSYgMAnTrh1wk-_y3XsF5Mq3RVa9Vr5KwXu3-J6U7f5FShkIa87P6gy7AhdLn2W_5dKQp2oVJBfWexyOhCnfCcIJFlNcV_NhBWl01F00kj0VOvMQMqLhFSMJHfLzXKPuGWSgAlYGN237vJOtKG6B9i-Tef-ZnLRfuJfbk1ofTCv5yIjSg713deWoGcvAJTPkjsTFkJEW6voN2_tJecx_Uhs9FSwUBZFBISyBaxqATQyVGGlGjF99Sbt4h-vpAs2BrR0PUDtMI2uhurX0X3Pfrd-sz5CuCa7qBi8vfA4Bx7tbUn2jYsAnhnf-hSinVWUg5RxXU1qcVXQlog5m8r5z0TeHOvevksTQq9ErMUZxc4stAPxN7uMpAn4PpbskbhN-fy05sjHoSb2DR1CzS1PqCOUGvyBzu-UuAPN5Ghs0aqKq3Ll3aMI9_B1yja5PMeqt4W0b19kFeHPCRg96kKb9aBszppMOsRccC--8krZozH-Y7AyaFIvPwokUiDRXDKPRV7KLqMEvJwofaEAMnQK7kbAj3Fr6UGpbcTd7Fj57W4D7FoYSE236A0OhVDrg6m7NoACvjr6jhK9ahrvbnL4fb7xUm5sY02yFX2wyUVIEvHwHcx5SJGzNpkATwensQTim4ncnW5sO3zwEbGOUHmrxuRzNzraHu2Q60gB8rRGM6qYoMrp98G-TTfT6u4_GKiNhEvFZds08ysKAmY8uMNjp3wuxT6lWmPUrBIEForNLRTTxcr-cjuN1F2Q_y9uKbdtGatHAfcLn_2pYR_xmQy5X6MGX1GjjSQGUUMyPuWmbh17xyrglSbB0-_XbIQ0StKx_T2oWd37vV_d-LtczVhOFHwXl5ZwDI6sDKN_zkvZY6F1lzh3e91Gkedr-SkicqSRrK5i8KVHQ&cid=CAQSXgBygQiDK5hMZkj8IYzC2LknM2G9Sbr85VPWhScLZ4SmUV7FQuPqHQMxV6bb79eCjaTFtwVzPC0-n28sZ7qcznwf0IqedUawzzvavPXF6KPkTgxb0KEgFtNQ39Rx_uIYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.itpro.com%2F&ds=l&xdt=1&iif=1&cor=3334868727047606300&adk=2975593758&idt=167&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 16:30:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
28427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 May 2023 16:30:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5168 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 19:59:31 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FDCB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGNpu2e8n8S6u7AyRIH-eQuV6UdWbJLhwfq6vvR9RSd5rLyjY74MWORJiL1q_sa-TXuHmUq6A17Er6u0oBa4awXo6hIa2MuVLEDNvrRbd8PlQMVbP5PlV-D9CTWAs5Zxeif-0NjkqLsa99-0LXp3IpgU7ofeWdKg8G8dSRhKYTyWQ-boE&cry=1&dbm_d=AKAmf-CKXlQxJN6QGqP8Q5HVxOvMxT37KWUF7QeV-0vllhptr6TSv1Gk1GoM9sQ6MZ2s7h5EWDgGLIzzKNZleJrkWXtT_q2Dq24Cz6-jgzycl8vTGBUMyMLywy-Z6A6dzz4HVZ67BbnXE7eL1buGC1trtiLxN32Bk8UX_kU9e5qQx-jVP_D_3aDU9VKhm4Geh1-AbIEuDDKNJqkYkOcSW8xoq_BV1_nO2KYXuQk7NGe3r5FLgup6OINRSZiAL1hcb40b4MBfGJO1LpE49uTpO0Lk55nj4YRlqUAJ0-DP6Ti_ZKKZ4Pl2PYaxtbN6G5c2jx1zNZv6Au61Iw35Xs37Rmb2lB93lKxLDD9TQ5UqonlH4mxI2ouIpAVqmYTlaRPh6Xq_awFFA79eisdsr-YCd2IfJZe5h5edDY2mKrudZoPPeMgVFmX_B258g7LQeu45mTqv5TLfzywW8toAnZZWKreuiRVvWIFrFDXRnTrf33UNdPOhtmgaPkzdYR16Mdk2sn4CAT3ALLjny4zcdIsT2yIdr1TKQPiKNF51x6N8JfysOXy2nz-DsVK5Vaach1NkJwzUYHD_XrbUAD_yjAJGDie8FxginpDa7oO6VNCoQKBGou-G4okzyUHkvYMRARvpW_lcNr8XWOVIVkYryKurINLCsSFtiBDHEiPu6tPMKHFoWOFexH84oxBWL8Q_XftvR5cfgusVHhyyugwgA70E1SIEl0F3oNF86HyX8d9jWBdTaCU02lQ8rBilMQ3hkhPELyClNFMF0ye4RcJCZcZTdXrdqx2TjLZnkfSsOXi7wFi9Hax5FTNHdrbpR1QuyfFOWwYfDugZXqKm1MNAR0t-FOLAAKVWYffzHefmDInWvDGEjFN6DOOCWUtNYlw_88ka-oH3p1NmxmkT5sxkqzIV47nNUemWXMshsOwy7UpSQLoHogmu349he-d8H8c4kK7aA9oRhxA2FEnrQaPmECOnGyD4A3yH6gOZU2wg8FxxSuP2HiF2uammLVZjMQq0ANG2AqaEC9Zt2QBWFdlnlb-oOUExXWaR_7aavl01C4zPW0mjuW5G5U7FJYWNOUcqwdcP1UwSEtD3QlW_x2JWEMLhoA2N1N2liic3TmMaGchSHm9MnnPOe3A1HQBx5eJv8VXnyemunCvyNbgN0ti2Ic6faMyGklnZvc8Z2O3yqf4V_F_bAMKCd5EXRyr_PheQPbkyMigwKlYjmEudqDDN2ayS0zDacYomgqBrZJDsbUxm3YILxPL5ei8pZprtH7pe1tIzF5myp_MtJ1QTJt_l57NTW0Mzh1t5BocP-FXdez0f4UNBgxP8pzQn9U-qNxs_xZ8__go2YX4tx4NQNAk3ZjUR96jbNIcadb5tF7G9nYnI90NttWgrLDDxKeQ67keQTi5_A5uEzQ9KfgsMteiMxzDd4eTaYtUk_JxIswZxye4s-sZv-M6yw4GX5qTod-3gc1XkIYm8wRN9uNA8R97zR3TlkNXuf2w-12Rte2DVBeiVkQZEfmfpjbbvSJo6olwQLOjwioPi_YZux3qfdSbnV_FYvXlEBsZguFsz2OQdMbapUxf8FiJXjDMav58xEoDTHa3xmTYf0npcsoQbTw4yxfhRYw2rpvIdLHyC2n86YlVuFRz3DpB8BENs_u3iroes1PY679u9b-6jMoHnn_Dnf8ZQXpnak2NXKiqDLzApFf8OCUeefdc1wEBb-4Eb_N1aSG255C5ffdzFxPSyk6SCnO0ez9ZbU5nnxZ7xwEXv1tQyqEXDhb755V4sFBt0oBxLzThjQEi_3BRs3Gp9CbED7SuaYTyhJcndkiMneaTs-7QtjN-kkpGBIsGYyYSGfrqSqRiHBfYx1F9yMHz_AZpB6r8DdXowJsG5sYYtnAFd1ORKqe7zqz__WQgIKhVXo1mY15fw5nUxGIDnWZwTz5jX-boTrt1pTZyGuo0KdoF-86VqHUeeebhuitoYVlPOAxWzWj8txxwHnqZEuZ8d-OzNHnDaIEoThk0n1PV1US1S4BPDUr76OU-M-c5rCqs1DVvQet49XMyIMImsFNpvi-fW1vyIrOjR7bZ5ddFizpEZ0r_INAwLzY1gxxvGblkb7Sdzqelf2JUXC9io9aVYXj3zhyN2f2ZXjynW4_g28arJmsn8M5Bxc5kILADTm-M5zmv3n2vholq8QDpT5ePJw2VWed-gBzsJf3oiRvtpZ_ZAlRsMC-h9mlc0lYxD39n-uOoe7y-BV_FHOELa_cMvoDAhjjI-f23uzCbhxfGoFbP_SeNgeO8_ib4HWfFAaATn3D3f9lbksriwYJtbNbjNOcFxrolPXKEMUy_ZrkRYcygddXzYVlAu0em9o8YLogAcNMg2iKorHetMIvuQwoMOCFBkDSyt2Q2V9EJ9mXMHO_E9ov5KU7FGhjplz5RrFdZct2ax1-EhhzghBFem_NYZwuhl5t9sVSk4szsvnJFKyyxg14wvzRInhWkfCniYyAAKznOCFsNXA5O9L9poRtZxW4M4Yl8_kOynmR97cgMeAeiE06e3xijWbZ8PUjXGXykGoSFiQuXGTSKGBWtMtoeZVxr3IkVa-OEr0gwFpIFTl74H-fTBRiJMgCvs1NdVoIkbJDQclFECRFJ8Xzt1qbX5XeUReYBPtfAjFQQKfOMx-3hF50scMIcbp_DUNu4FwMkiYuK85zWXNMFyqlrwnlheUMDrLaTmbf3kzTa4Q5zOCh5EjFDAvgyF7IJVRyoUa4XW_Mu8bDbQ6W6Cv4CEo6v-arUNRHk3jXAaiT_2vHu9xCL1e7cycGMWTyP-5p6in4aAytcoJFPM1dOWgz-_9-M6S8XxsIjHxFYKDYlcfJRyaiVmmAp8IXUPOTr5gW30PsBOdFp19hTMQ1rznEItv099JDtSXmxlb-m7VTYeqKzsQ34L72QD-OsqCA3w8LvSdKXxJDbz_L8qEW3yyw6oTNPS5UibR4r-IrGvU13cY-hQzM6rkKS7gNklr1SWArQcu50&cid=CAQSXgBygQiDK5hMZkj8IYzC2LknM2G9Sbr85VPWhScLZ4SmUV7FQuPqHQMxV6bb79eCjaTFtwVzPC0-n28sZ7qcznwf0IqedUawzzvavPXF6KPkTgxb0KEgFtNQ39Rx_uIYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.itpro.com%2F&ds=l&xdt=1&iif=1&cor=1052251477374159200&adk=2742791599&idt=201&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 19:59:31 GMT
truncated
/ Frame 5168 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00529a693b96df54f67380541623f81aed7612a68f9f18d19c377e77664efb51

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame FDCB 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3886119&cmp=29290104&plc=358368120&sid=5775970&dvregion=0&unit=300x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:769b -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9463 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
102315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 19:59:09 GMT
expires
Sun, 28 Apr 2024 19:59:09 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B5BD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
102315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 19:59:09 GMT
expires
Sun, 28 Apr 2024 19:59:09 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame FDCB 		1 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_697923864479&jsTagObjCallback=__tagObject_callback_697923864479&num=6&ctx=3886119&cmp=29290104&plc=358368120&sid=5775970&advid=&adsrv=&unit=300x600&isdvvid=&uid=697923864479&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=112&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=28&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3AEAC%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3AEAC%40%5D4%40%3ETar9EEADTbpTauTau7e63g_c4%60e53e6%602a52fa5fa_6g54deb%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=8.10&callbackName=__verify_callback_697923864479
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.158.252 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
96c90469c81580e5d4a34b63d5d19b633c80ffabcaa3621c0b0251ead1ccdef5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:24 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
04/30/2023 00:24:24
dvtp_src.js
cdn.doubleverify.com/ Frame 5168 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=17512517&cmp=29544518&sid=3445846&plc=361609063&num=&adid=&advid=10719780&adsrv=1&btreg=553359604&btadsrv=doubleclick&crt=189054813&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:769b -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d14ed8784f0156609b24ed5cf2e753778fa514522b74bcf482e945f93dc3649a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:24 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Apr 2023 11:50:55 GMT
Server
Microsoft-IIS/10.0
ETag
"80b94755a7bd91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3372
index.html
s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/ Frame 58F4 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc879f7a4d472f200dbb8e372b6e7e22af97fcc29deedf9fc439e0f1b5959e56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
161961
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2096
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 03:25:03 GMT
expires
Sun, 28 Apr 2024 03:25:03 GMT
last-modified
Thu, 16 Mar 2023 18:18:40 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5168 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGjlbwzzM9aLZ4l4IyijVsWrixF1kopSPu0dyzmgZZsbFE-h7sKhuzXJrLJAmTL58f85gzhP4l-8u290cQ6Ur9Pw66LwxM714_d9dRz_tVtGTbpg9g1Ufx7opPePWaGd64W6sk5KuLCUn53UZDLCzV5SGinnrgh4JDcUXXJdafXHsKvc-WzQCxyhWb0GWLIFpcxlhpaiV9HWDSvCZQkrNlpwRPEaDnYGrm6Lk_AV7CyiLTGhnFy_t-JguhO2ijA_echOGMYdkrG5FTXaHcxPIAL61pm0UBck8jUsau4WWj-sZQBNMI60FvFdJwRT_JB5-rZyCOocouY6pL75fH3jPbnCJOaOtwVWJya3shV733aQmpSeybxBD1TitjQSKoIXId8beNWLUHDZySNAd2Sago-sVW7XubqzpsIiuVM2INuHcmOaEEOhMU_HoVJPLH8TMLnky7vrJOcEcaUW0BVDdH1nZgnEE4IbBDyP2IBgKowrHJz7TqY4Z4Tx7VxLQybNGU5g9mlJVzancDvZ6HNOwZ110n5iMGk3mEe8xPtD4MY3P8SFgnXy2PZTaBQ47L4kBiCm3SfJ43kKjKyfxYWQ6HgJz-bTDqwZQvp4WmL3DAQj8urIUZPiIPRJgxJxnSl0m5egHqrKz6e1gwz6_HD6aI0m1Obf7q9iZvz9Wiz6g9iMLCMAYANeWe2ITSgRAKyGLKYAUyysDdjD72i92A6ZwW0x9qL8pDXD93YfwLQf6OUfyiqxxSaTL8xCXMKbiIQqjb57JKqdGdpAbB-cmM_DDo5DMOopF9WGVP8Kx3vpMw0B8lIy1nzCorxf7M_IABaOhLUBrxJfvb77yy_fKfydEOaS2Tog_x90iwD-o0uMeIfKAFUoC24229gim9EEMobEfcTbVaQzlpmSpN2A265lpkZKFsrtIG-jMgBoZGVdkk3KVMJxgcP4RAWeFSZ1coVVR65X8ArnU3FlVW_8idduSwE2XnpmXWGDITyKomMbXCjsLvMGpbaEpKd1O3k_dzgk8EsFb05yFEZdgSvl9evhi_LrY-GVf9Pm28WZvfUPO0TJwT58Oh-1WShh_afchTNn31BgCgU-743qkCPJZQqjOWwuq8a00u6vf__DGrqPogF6CZ0Ud-XeGJhjJmvaptnEtyddPt924i11it4PviXfyNjuGy2FFC7XHSSlLSM7Y5oIdUldZ5FAoRg8-1kd8PxuxHLk5C8MJwBEt4sLfwu2Iwmd2WLMYoLKEop_L8zNOtfu0TlbIy7Ck&sai=AMfl-YRaq1YOfU8MS8b9XQVef3SN79LYnF6rn_oLK72PpuKQ2jUqblErncz7UZoAdMzp5qiJY8yDp3oiI_h0jDR-mnXonH7rEdTCZ4eYQbFzvw-pXVwC7ByJ8Cam-72v01nPmxucOBdsegrviwWAvYUTz9-kd98vl8AWCUoddSello16pQuaY6rdcIATJM5EWeo4NDOmNqV_adTZaP8AjejvdV7-BH9NNzxbZUJdtRHKGAkl57NT1INuK5aB07ZbfgwEN2MYyGgv7J_Atw0KZHQ7PO7bdwdnN8SJEWzUSfquvls2cnQ16t-_n-tFK9r0C0y1R0HAIrdyq7qCwlnJheLzzhwiODIYEirndg&sig=Cg0ArKJSzCeRDi43BmfAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=134&cbvp=1&cstd=131&cisv=r20230426.91566&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 01 May 2023 00:24:24 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 01 May 2023 00:24:24 GMT
gsap_3.1.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 58F4 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22938
x-xss-protection
0
last-modified
Fri, 24 Jan 2020 21:59:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 00:24:24 GMT
hero1.jpg
s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/ Frame 58F4 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/hero1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf8ec973584d478fc474c5ff2d336b0c1f5d56868a582e85fc90114dab8d29f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 13:46:06 GMT
x-content-type-options
nosniff
age
124698
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34197
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 18:18:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 13:46:06 GMT
hero2.jpg
s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/ Frame 58F4 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/hero2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01acfaeba791120e18eb99040524ce3cef13a0dd71b78cccdd742f56ffd00711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 13:46:06 GMT
x-content-type-options
nosniff
age
124698
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30620
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 18:18:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 13:46:06 GMT
hero3.jpg
s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/ Frame 58F4 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/hero3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e068571b2061f8906fbfc52b33f7cc1a519a5f8322a3b6db7591ed4611486006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:24:41 GMT
x-content-type-options
nosniff
age
136783
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27538
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 18:18:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 10:24:41 GMT
hero4.jpg
s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/ Frame 58F4 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/hero4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75aa6f0781c8f5618e8a69b331289c3d6ca7586af8e43f54d1552e019b31158e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 12:57:20 GMT
x-content-type-options
nosniff
age
127624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28172
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 18:18:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 12:57:20 GMT
t0-0.png
s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/ Frame 58F4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/t0-0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adc556b78f2b5fdbaaeef7094c3f9908f4eace63abb74d182cc925669750b5fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 20:43:23 GMT
x-content-type-options
nosniff
age
186061
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3737
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 18:18:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Apr 2024 20:43:23 GMT
t0-1.png
s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/ Frame 58F4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/t0-1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c75c9c3a9a39e3d2ee396b7cf82ea03e81831e0b6469a4c5081a5be77046f8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:21:55 GMT
x-content-type-options
nosniff
age
122549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2696
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 18:18:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 14:21:55 GMT
t1-0.png
s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/ Frame 58F4 		951 B
978 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/t1-0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f18e5dbd15444530d5749cac5fc31bf86e7ec378a8080bcdb6dfc3e4bb9110e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 13:46:06 GMT
x-content-type-options
nosniff
age
124698
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
951
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 18:18:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 13:46:06 GMT
t2-0.png
s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/ Frame 58F4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/t2-0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dce3c9d8381c0fd04a5f180c1fcf818b9c10bdb21c8383ee03c25969ebc75781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 03:25:03 GMT
x-content-type-options
nosniff
age
161961
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1646
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 18:18:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 03:25:03 GMT
logo.png
s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/ Frame 58F4 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2ff12e2ffa635241c11f9e2f97ba6cff84bc883fc790687a71532df39267d41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/917816555927611973/EN_970x250_Toyota_Corolla_Style_Sept16th2020/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 09:05:12 GMT
x-content-type-options
nosniff
age
141552
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17642
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 18:18:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 09:05:12 GMT
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame 9463 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
360952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:08:32 GMT
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame B5BD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
360952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:08:32 GMT
dv-measurements3743.js
cdn.doubleverify.com/ Frame 8BB8 		532 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3743.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:769b -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c5445c33b24fb5f119a759d89aae37970fbfe7e8689d63e3483549eaef0139ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:24 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Apr 2023 09:55:35 GMT
Server
Microsoft-IIS/10.0
ETag
"8085a3e8497bd91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102726
visit.js
tps.doubleverify.com/ Frame 8BB8 		724 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=111&ttfrms=28&brid=3&brver=112.0.5615.121&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3AEAC%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3AEAC%40%5D4%40%3ETar9EEADTbpTauTau7e63g_c4%60e53e6%602a52fa5fa_6g54deb%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=597&ddur=20&uid=1682900664336114&jsCallback=dvCallback_1682900664336376&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3743&tgjsver=3743&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Ff6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=28&brh=2&sdf=2&dvp_epl=219&noc=4&nav_pltfrm=Win32&ctx=17512517&cmp=29544518&sid=3445846&plc=361609063&crt=189054813&btreg=553359604&btadsrv=doubleclick&adsrv=1&advid=10719780&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1778362661.538906&dvp_tukv=2760054.860045691&dvp_strhd=0.40000152587890625&dvpx_strhd=0.40000152587890625&dvp_tuid=1112903284502&jurtd=916291079
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3743.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0419a906125e2c68b33919caa7b00059dbf273fffc9996f9a48ddb1c98db82ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:24 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
04/30/2023 00:24:24
gtm.js
www.googletagmanager.com/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5DWSLFH
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9dd39b67060ccd4faed4422ae02c521ff52c564c9dd9cd21ab1dec0ec46e906e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39923
x-xss-protection
0
last-modified
Mon, 01 May 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 May 2023 00:24:24 GMT
gtm.js
www.googletagmanager.com/ 		190 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KHCPGDF
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e4193f8872ce1bad107c97d3be646cafa57dc5f4550956b9dee9f2abccf0a96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62016
x-xss-protection
0
last-modified
Mon, 01 May 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 May 2023 00:24:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5168 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGjlbwzzM9aLZ4l4IyijVsWrixF1kopSPu0dyzmgZZsbFE-h7sKhuzXJrLJAmTL58f85gzhP4l-8u290cQ6Ur9Pw66LwxM714_d9dRz_tVtGTbpg9g1Ufx7opPePWaGd64W6sk5KuLCUn53UZDLCzV5SGinnrgh4JDcUXXJdafXHsKvc-WzQCxyhWb0GWLIFpcxlhpaiV9HWDSvCZQkrNlpwRPEaDnYGrm6Lk_AV7CyiLTGhnFy_t-JguhO2ijA_echOGMYdkrG5FTXaHcxPIAL61pm0UBck8jUsau4WWj-sZQBNMI60FvFdJwRT_JB5-rZyCOocouY6pL75fH3jPbnCJOaOtwVWJya3shV733aQmpSeybxBD1TitjQSKoIXId8beNWLUHDZySNAd2Sago-sVW7XubqzpsIiuVM2INuHcmOaEEOhMU_HoVJPLH8TMLnky7vrJOcEcaUW0BVDdH1nZgnEE4IbBDyP2IBgKowrHJz7TqY4Z4Tx7VxLQybNGU5g9mlJVzancDvZ6HNOwZ110n5iMGk3mEe8xPtD4MY3P8SFgnXy2PZTaBQ47L4kBiCm3SfJ43kKjKyfxYWQ6HgJz-bTDqwZQvp4WmL3DAQj8urIUZPiIPRJgxJxnSl0m5egHqrKz6e1gwz6_HD6aI0m1Obf7q9iZvz9Wiz6g9iMLCMAYANeWe2ITSgRAKyGLKYAUyysDdjD72i92A6ZwW0x9qL8pDXD93YfwLQf6OUfyiqxxSaTL8xCXMKbiIQqjb57JKqdGdpAbB-cmM_DDo5DMOopF9WGVP8Kx3vpMw0B8lIy1nzCorxf7M_IABaOhLUBrxJfvb77yy_fKfydEOaS2Tog_x90iwD-o0uMeIfKAFUoC24229gim9EEMobEfcTbVaQzlpmSpN2A265lpkZKFsrtIG-jMgBoZGVdkk3KVMJxgcP4RAWeFSZ1coVVR65X8ArnU3FlVW_8idduSwE2XnpmXWGDITyKomMbXCjsLvMGpbaEpKd1O3k_dzgk8EsFb05yFEZdgSvl9evhi_LrY-GVf9Pm28WZvfUPO0TJwT58Oh-1WShh_afchTNn31BgCgU-743qkCPJZQqjOWwuq8a00u6vf__DGrqPogF6CZ0Ud-XeGJhjJmvaptnEtyddPt924i11it4PviXfyNjuGy2FFC7XHSSlLSM7Y5oIdUldZ5FAoRg8-1kd8PxuxHLk5C8MJwBEt4sLfwu2Iwmd2WLMYoLKEop_L8zNOtfu0TlbIy7Ck&sai=AMfl-YRaq1YOfU8MS8b9XQVef3SN79LYnF6rn_oLK72PpuKQ2jUqblErncz7UZoAdMzp5qiJY8yDp3oiI_h0jDR-mnXonH7rEdTCZ4eYQbFzvw-pXVwC7ByJ8Cam-72v01nPmxucOBdsegrviwWAvYUTz9-kd98vl8AWCUoddSello16pQuaY6rdcIATJM5EWeo4NDOmNqV_adTZaP8AjejvdV7-BH9NNzxbZUJdtRHKGAkl57NT1INuK5aB07ZbfgwEN2MYyGgv7J_Atw0KZHQ7PO7bdwdnN8SJEWzUSfquvls2cnQ16t-_n-tFK9r0C0y1R0HAIrdyq7qCwlnJheLzzhwiODIYEirndg&sig=Cg0ArKJSzCeRDi43BmfAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=485&vt=11&dtpt=351&dett=3&cstd=131&cisv=r20230426.91566&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 May 2023 00:24:24 GMT
bsevent.gif
rtbc-uw2.doubleverify.com/ Frame FDCB 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-uw2.doubleverify.com/bsevent.gif?flvr=0&impid=7fc213951940467cb65127e02cbcb9b9&vfdur=238&cbust=1682900664492550
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.158.252 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Mon, 01 May 2023 00:24:24 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/30/2023 00:24:24
dcmads.js
www.googletagservices.com/dcm/ Frame FDCB 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:21:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 01 May 2023 01:21:50 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame FDCB 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 21:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 21:06:51 GMT
truncated
/ Frame FDCB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8479a2a5baec01229ce6a83865dfc0adc4f0162c2ed56478bef0364ec4e1f532

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9463 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRnXGtwZPZInaOI_CzgXoraloAAAAADgB4AQC&bg=!7O-l77vNAAb9Sbh13Uk7ADkAdvg8WkygI-LgWk6M4O0ikcenWts8v4H5rONrYY6ejbvTN3m5InvdhgDXk_DWCjZU39G3-5FOMcsCAAABj1IAAAACaAEHmQMkTKWcGl14GvsgstlEGQoWslcxIUDwsnUC6XV0xLwXl2ITFXrKcKtRmBugXUx7sgDk3unG2Sf0cwV53tUylulPzZNXyUwoziyCc9LKYoOeoxYNqPBMXui5mDVwEXpgMM4g_caHAJ5ufvP012MCKNrDVlj2oH0uw63PUMKRgjoe3zIsKqx1SOk22ZWm3dikcJ7SPOn2XEwifvzimuGlIg7vfwLYijAFIi3iAhmSaQ61qUpmeAuyjAXyUhWHAtPWkav3gU_UAL4PHX880JN1MhIbIAMJa1RdpLDTiu-MiIYBhbvhsSRwnLGKYHDDhkpcI0HAIxp9iBQ1rtNM9Z1zNIZEE9nlbqvg9HdLe1-PlrW2fwer7d6TeaiUdcfQzE429oxFMeW68qtXhdFIiU3n4hrrDZXWtLO5-JRjhxvzKQzy_ehOPmpqUN1t21IA5gcV8qbC7Z3PtpK4e8ao_lQB_MVkiX3t_etIDuIDdiGeIE5zNXlmp33ualUEJLlcpjmpNle_V3kZvNytHKdoU6ME9J_J87WBebz8eYE8tWH39DbkXial-HLrFo_WQ3XNM9Bzdmu8rCCNdiahSVrN7YWLi0ZSiGE2G0z3G9XxGpFi6tJW5TuqFAgERZAx9wsDCd-N0_VBwyPtr7LMweIBCehpgRKhsBdnxMK7QuMz6ecQgvwFOHhrxNAWFxOUMTRDKqtxicTTsbEvbpEKRDD8UokhGiM4Tr3sHyYP5XH1cNsm91LkgEAZq8nhW2t1Aq7nI9Zq25kMrMiaVjl_V3l1YTn_r2fBi9WQweT2kGHym5t6fza5qQ3w6eirPExGM4xI8kQi4aK3V1nTNCGy6_tDGor2FIN9Pb1d7528a9ppIcEtNU2X6n5ARSyAckC5FTPEcDtASLtCvksq2WK2gdS7nWrv08rVUYjGAHquDFLvGdWaPcgZf1idJRjzyllsLsaDjZcFHv5muKUsu5es_mnjqWxoR87rM3weS8MObD5YRwHel39W4ra6lX-XABpng2pbndk32yV8uvr1WT7b_Iqspujl-XHpMwUg2KnDHtTAY6QhmTGLEHQxmGBF
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHCPGDF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2888f5d77455ddb20af9538b2e98e668d94dfaabf3df23209255d77e7d27a91f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79570
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 May 2023 00:24:24 GMT
tag
btloader.com/
Redirect Chain
  • https://futureplc-com.videoplayerhub.com/galleryplayer.js
  • https://btloader.com/tag?h=futureplc-com&upapi=true
22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=futureplc-com&upapi=true
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Server
2606:4700:20::681a:78b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
502ce491f9981b7e125f4eb591c25f78e16a759cf52d4726d26eae2b57fdef9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 00:05:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1083
etag
W/"53c836a50be1d941b9ddbdd5624b6bb6"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQtGqU7PU6RfO1UX30MpDj%2FaZDz7fUF2aXScgtb7AbM%2FWLzNTtmFHRgMZsPg93%2FHwbfa6rivxGClFLwExbLOsvGGjYqiymSqJvO%2BcRszw8Hn6GJ45XHyYxb9H2Mwf5yJiB18Q8TKp1JoiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7c03e1a3e9bea220-YYZ

Redirect headers

date
Mon, 01 May 2023 00:24:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9wxqCgUVubmIhlXanzMas7POCMrihwmcGvrkphKsnEUE5160I9X7V2CETwMSm5w2VslLXi%2B3xBzoCzvwQJy%2BK0KVT4tLaSWCco1FZVMiVl7xN6HTqyxKDAixGXMkqrS016FBbD70NZPWl6%2Fx3frUKDe9RzWBNqGSO7vXXx1"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=futureplc-com&upapi=true
cache-control
max-age=3600
cf-ray
7c03e1a328e917b1-EWR
expires
Mon, 01 May 2023 01:24:24 GMT
540347474949339
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/540347474949339?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
498361d0a38611040aa7bb7cf867625f72edf253a09c7a81cb047b9bbe2c1d75
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 May 2023 00:24:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110200
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
2Nr/zZhsaWf5QMDjAOPLojwn8oC+f54O5mRRCDgdi0OHAyHpmYXoRa2eV6dkzVRTNxHhf0HVAHiYhpDhVHcUmQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
itpro.js
cdn.brandmetrics.com/tag/62da25c406df470db725091722ab7306/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/62da25c406df470db725091722ab7306/itpro.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d12 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:24 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iE9PelLW6s%2Fdx0NHWAYpXqVhvutuxdwMJelbKGfevrGC7Bp%2BEJYCHFhXenhJYupHASBR9ScKBXOmIaUlsUoslIOGBhs9d%2Bx00%2Bo0kSkvIv43eTidCJGnm33F%2BKdA9irSfvK%2FwFX5RcYPWvdZMNVlocA"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=3600
cf-ray
7c03e1a2eb8ba1f8-YYZ
content-length
0
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
px.js
p.cpx.to/p/12529/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12529/px.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.149.101 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3534d2e3f9e77a667106416716da4f605ea3f1a3180a13d90d89622e96f9ffa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:24 GMT
cache-control
max-age=2419200, public
content-length
1990
content-type
application/javascript; charset=UTF-8
tag.aspx
ml314.com/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?142023
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 23:25:50 GMT
content-encoding
br
age
3514
x-guploader-uploadid
ADPycdsxt1r-xwpxRmXoq2VirADHovF4HMaxlT2ENGiJPiAvvqzBNDoIyfwltLNWWqqoxpeW6Hk-BOevoMlVmWlYcRfysgGICaYv
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10521
last-modified
Mon, 10 Apr 2023 17:13:24 GMT
server
UploadServer
etag
W/"b0965f051977c0dd95ffe2c736cac352"
vary
Accept-Encoding
x-goog-generation
1681146804366265
x-goog-hash
crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type
application/javascript
cache-id
YUL-62c5aa93
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
none
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5BD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4WcEtwZPZLzIOsuKxAO8m6ywCQAAAAA4AeAEAg&bg=!R0SlRBDNAAb9Sbh13Uk7ADkAdvg8WoySVOnGdpn5ht1qpSszyzmJtf10yAI3sTQP2FDyTirVMnlOxvzLizVrK9vwwDh72OiV18wCAAABjlIAAAACaAEHCgAs-k2MB2ieMQrzx1elnQi-Ie2OqP7D7YFKprcMbCSYR-x3UkfXKJopt7sxeo2ZAy8L9sf1mbJyjsygQYUXgxv5DpeOHSX6E-_OoLatrywPejNYvG_wT-GifCEZbHMAoFGit0mqwhHQljer_ZB0dej2-AgmdE9qwuFt8PVhw7DMKT90Nt967BWtLMMD9TqDbNk_P7oC1t_eHxsP6Kkgy53YVw2gTUIDwmOVyI3ZoAbOdY8q9q4_ltMu1TrkeRCMk2Lafphf4YH6QmpsGQH--cJ44-b0k-tNK3nbl3JtP80TqR24WcX5TVHGflX31Zlu9DFP3SQJUsKwfm6hMIEJwAsRJi9f0lQawiiZc3Bbt446sXr_J6Ca3RfWkkEJx7R4_Tmb_pd5HUHYKCXaE18S3xXqJFd0_UVp8SXY-HSAYBVfXoQn_dR236trHUoc1FIjVEEDgdPWktEjM1JKcHAqhpHbB_64iHG7zSl7izlLCShioTh7P7eXVvA7jl-FsN6gMQ5l1Ae-YnB9kKl1wpUGBQAGLpmjX9QNTNvDIQrY23XO37G7GcafutFTBHcaH7xTKUCKySx48-ZAFWh_UN49NRcIGUeY0NEBJPeAJ7s-6kvGsVl0fxQ9QYuQGlIv0yRNGKsTl1roufL-PkBe4CJgQT4zdk4TNGz62xtbVdAabNiNk9GAB6gpZg-tNJIrLYMYIz1I9DHmQ72ACJWt0BcaPbEqM6GA7jfCAc90-VhlgJyGwTJFNfWZYN_gLPMQT7yDlpJtV7aoRUl9XR4VnpJz302psRdYrFQ1mWhKwidTie4xYZVo-_lPTivs1ipmCCnwhD4pNbQdR0qYTG_9hK6Vl7BW7pJ5UaMnBk_eYTHN02xWxR9vODO0lo2hYwET-Auhqr8MxJsxhWDkETCkkRuY2Aq4FamS-eCiXwuYGmOow6PCIBVhTU7DZHFFM3lk0CoOwJzEMraJmnGQxc2BJfl4K8ycBRVs4VvTjr3eM7lZHuZkurIOd1gEJEZOHRBCPOlDWIaBWrcuEMwuztQmH-9Xfm58TtwV2uViQ9qNEm3PouyWjbgDjbDFlShf4tgncqamUkSvI_aaCKro_nMtACH6YV6CdwbKcl6Zmbkxh8NlUApphsNJvwSoniaTK2QEdkSdGw
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utsync.ashx
ml314.com/ 		644 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=51599&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&pv=1682900664790_sihrqe22s&bl=en-us&cb=6599164&return=&ht=&d=&dc=&si=1682900664790_sihrqe22s&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?142023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a1722eeffde51afb539ffbfe845f1d17edd91be02d351a35c02add120d3a302f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
expires
0
ud.ashx
in.ml314.com/ 		20 B
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=142023&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?142023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.24.142 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:24 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Tue, 02 May 2023 00:24:24 GMT
collect
analytics.google.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-E36MVD1BQT&gtm=45je34q0&_p=1267059334&_gaz=1&cid=177419201.1682900657&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=1&sid=1682900664&sct=1&seg=0&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&dt=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&en=ad_impression&_fv=1&_ss=1&ep.query_id=CJbrzMHt0v4CFUKpnwod294FVw
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E36MVD1BQT&cid=177419201.1682900657&gtm=45je34q0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-E36MVD1BQT&gtm=45je34q0&_p=1267059334&cid=177419201.1682900657&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1682900664&sct=1&seg=0&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&dt=6%20of%20the%20best%20free%20malware%20removal%20tools%20for%20SMBs%20in%202023%20%7C%20ITPro&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E36MVD1BQT&cid=177419201.1682900657&gtm=45je34q0&aip=1&z=1489541776
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=540347474949339&ev=PageView&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&rl=&if=false&ts=1682900664866&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682900656965.1686365121&it=1682900656745&coo=false&rqm=GET
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 May 2023 00:24:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
ibs:dpid=22052&dpuuid=3635350047656771690&redir=
dpm.demdex.net/ 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3635350047656771690&redir=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.225.48 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-225-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v047-005f473fc.edge-va6.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
PTriN9RsQ8w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
csync.ashx
ml314.com/
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3635350047656771690
  • https://ml314.com/csync.ashx?fp=df1d3c69a94ed6518e1d67b36c05bdfec3c8ba53f7c30f2b000c6738b10894b4f4cb09cee1a4f8eb&person_id=3635350047656771690&eid=50082
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=df1d3c69a94ed6518e1d67b36c05bdfec3c8ba53f7c30f2b000c6738b10894b4f4cb09cee1a4f8eb&person_id=3635350047656771690&eid=50082
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Server
34.111.234.236 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:24 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 01 May 2023 20:24:24 GMT

Redirect headers

date
Mon, 01 May 2023 00:24:24 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=df1d3c69a94ed6518e1d67b36c05bdfec3c8ba53f7c30f2b000c6738b10894b4f4cb09cee1a4f8eb&person_id=3635350047656771690&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
utsync.ashx
ml314.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Server
34.111.234.236 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Mon, 01 May 2023 20:24:24 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3635350047656771690
  • https://ml314.com/csync.ashx?fp=de285aca32afb3e68c91ff69fdfbd7fa&eid=50146&person_id=3635350047656771690
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=de285aca32afb3e68c91ff69fdfbd7fa&eid=50146&person_id=3635350047656771690
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Server
34.111.234.236 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:24 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 01 May 2023 20:24:24 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=de285aca32afb3e68c91ff69fdfbd7fa&eid=50146&person_id=3635350047656771690
cache-control
no-cache
x-server
10.40.38.246
content-length
0
expires
0
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2T1LGZpi3yNDIo9c90fTWqRTubsHFHrqQd6Aqp63Zt7s&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ml314.com/csync.ashx?fp=2T1LGZpi3yNDIo9c90fTWqRTubsHFHrqQd6Aqp63Zt7s&person_id=3635350047656771690&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
52.55.144.0 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 01 May 2023 00:24:25 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date
Mon, 01 May 2023 00:24:25 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
expires
Mon, 01 May 2023 20:24:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7DA6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvipdZiX8PoSsXdgnv67RA1EpvrdpDR8H29vE9Ad8BBgG4BMmyK7E9PojVeI4AYcBdR0pm5oTvZaFL67boDI_Brs-4ZvUKiKtEMf6R50bGD5jneCfdOJv2EBbFqTMgKRdZRF04&sai=AMfl-YScFQWtGYcLpTCj9Y_uPnogE-Ik7xchdK9zSC-N-Ygj8NYSctpZrSrWY0OdRi9wrOEFCuZkVbUTl8OLB2IFXvEJB22PqIVVC4Rymo88soTrsbWi42e-TysY81amqOqCKxPlpc7uKZA_r9NpaMUcuXAr1T_2ggIvg0557gVecg&sig=Cg0ArKJSzJujIZ7XhNmjEAE&cid=CAQSXgBygQiDK5hMZkj8IYzC2LknM2G9Sbr85VPWhScLZ4SmUV7FQuPqHQMxV6bb79eCjaTFtwVzPC0-n28sZ7qcznwf0IqedUawzzvavPXF6KPkTgxb0KEgFtNQ39Rx_uIYAQ&id=ampim&o=965,857&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=372&tls=1372&g=57.16666579246521&h=57.16666579246521&tt=1372&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
ad-delivery.net/ 		43 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
277046
x-guploader-uploadid
ADPycdt_e1uvDZ9znMbUCBkDZP4LwJp4S2JB_HRIM8QnmxkUBhIk2e4w9kGpe6AYWl0IQDssl86SP8spaaQi05kkyQ799pw85mlx
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNWXG%2BO%2FaSOskt3zWGDT0118kIszSXg%2BvLTeCcfjilxQyXRA%2FaiaLuEICPmr7oe0IAd1ZN7b1C5IDPMUsM3kTlvZ04p5xLiZyf%2Blp%2BF96L2OVcvtfAeE0GhxiKraOXqsFv8qvnmIIrPCj%2BwMYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7c03e1a4ab33542b-YYZ
expires
Thu, 27 Apr 2023 19:49:22 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.166 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 10:33:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 10:33:26 GMT
px.gif
ad-delivery.net/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3195515961863673
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
277046
x-guploader-uploadid
ADPycdt_e1uvDZ9znMbUCBkDZP4LwJp4S2JB_HRIM8QnmxkUBhIk2e4w9kGpe6AYWl0IQDssl86SP8spaaQi05kkyQ799pw85mlx
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7lVqNfjkxPYUsqfgmiOqYRu9gbjUCtPkG1kpY6w62XHPWjTvFB1wrwu%2BHtv66NoVZEv6yvZVicpPCrFofvcY%2FoG0aGJyKGz0fKCe%2FhGDrijmEF4P8YmZgrffPkmrcR8CxLZ97saRLdcEwkOzg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7c03e1a4ab3a542b-YYZ
expires
Thu, 27 Apr 2023 19:49:22 GMT
fire.js
s.cpx.to/ 		715 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12529&ref=&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&hn_ver=40&fid=08792bcf-8868-41d5-806b-68b8e6ec4738
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12529/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.80.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
82b2a5dd0d329ca91154723f9be612f4c64484c609a8da5f245ebba5fae353fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Mon, 01 May 2023 00:24:25 GMT
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
715
expires
Mon, 01 May 2023 00:24:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5168 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutYM22RwGCJ8xdkq8VWyYbPQmfYewhY2PU2PWEi6170-qcYtT_WnFWzjOFfQbgd2tQBsAYLh3y-YcKg92PKI0-8FkyXMcevwLrhWstLxEK1LpQoYhiZrIN2ZTp3Ml5Bz4KSVU&sai=AMfl-YTgokwrJYQyFPQE6IPHXZ94JcA2RkfFuEcNkNqTpiUf46TO8H2lI_7tOS_kS0TRpGwz3waEbrlqVST2eumGMkC_jk0I4VwWSsxAZWnyXEz9AJRBxwmob-Qe_k4RScxMNQFSp-VOp0sK2JzbNTwPaBFeMvj-DMSRSjxfR1QxQw&sig=Cg0ArKJSzMetQapts-gKEAE&cid=CAQSXgBygQiDK5hMZkj8IYzC2LknM2G9Sbr85VPWhScLZ4SmUV7FQuPqHQMxV6bb79eCjaTFtwVzPC0-n28sZ7qcznwf0IqedUawzzvavPXF6KPkTgxb0KEgFtNQ39Rx_uIYAQ&id=lidar2&mcvt=1001&p=109,315,359,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=59406648&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682900663539&rpt=499&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: futureplc-com.videoplayerhub.com
URL: https://futureplc-com.videoplayerhub.com/galleryplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:24:25 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=oKlKGCM2nK&w=5184536619515904&o=5682682429177856&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&sid=2FwL5yWC&upapi=true
Requested by
Host: futureplc-com.videoplayerhub.com
URL: https://futureplc-com.videoplayerhub.com/galleryplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
62540d81799b4261375998f041dbdbbcfd24c933254f3d9adf398aaef892ecc5

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:24:25 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
/
www.facebook.com/tr/ Frame E518 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itpro.com
Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itpro.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:24:25 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12529%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.itpro.com%252Fsecurity%252Fmalware%252F28083%252Fbes...
  • https://s.cpx.to/an_fire?app_nexus_uid=5364052513180930309&pid=12529&ref=&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&hn_ver=40&fid=08792bcf-8868-...
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=5364052513180930309&pid=12529&ref=&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&hn_ver=40&fid=08792bcf-8868-41d5-806b-68b8e6ec4738
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
54.77.80.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 01 May 2023 00:24:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
p3p
CP="NOI DEV ADM"
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
expires
Mon, 01 May 2023 00:24:25 UTC

Redirect headers

Date
Mon, 01 May 2023 00:24:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cb8ae113-5677-412a-bb23-37cf995b810a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://s.cpx.to/an_fire?app_nexus_uid=5364052513180930309&pid=12529&ref=&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2Fmalware%2F28083%2Fbest-free-malware-removal-tools&hn_ver=40&fid=08792bcf-8868-41d5-806b-68b8e6ec4738
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D08792bcf-8868-41d5-806b-68b8e6ec4738
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FC8D0EA9-A0C2-4CA5-9C98-C1F067490B0E&fid=08792bcf-8868-41d5-806b-68b8e6ec4738
95 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FC8D0EA9-A0C2-4CA5-9C98-C1F067490B0E&fid=08792bcf-8868-41d5-806b-68b8e6ec4738
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
54.77.80.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Mon, 01 May 2023 00:24:25 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Mon, 01 May 2023 00:24:25 GMT

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FC8D0EA9-A0C2-4CA5-9C98-C1F067490B0E&fid=08792bcf-8868-41d5-806b-68b8e6ec4738
date
Mon, 01 May 2023 00:24:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
s.cpx.to/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&dsp=TTD
95 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&dsp=TTD
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
54.77.80.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Mon, 01 May 2023 00:24:25 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Mon, 01 May 2023 00:24:25 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&dsp=TTD
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
179
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=08792bcf-8868-41d5-806b-68b8e6ec4738
  • https://s.cpx.to/ca.png?dsp=dbm&fid=08792bcf-8868-41d5-806b-68b8e6ec4738&google_gid=CAESEMiX_ZYIn4Us2AU1sXOq4Ng&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=08792bcf-8868-41d5-806b-68b8e6ec4738&google_gid=CAESEMiX_ZYIn4Us2AU1sXOq4Ng&google_cver=1
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
54.77.80.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 01 May 2023 00:24:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/ca.png?dsp=dbm&fid=08792bcf-8868-41d5-806b-68b8e6ec4738&google_gid=CAESEMiX_ZYIn4Us2AU1sXOq4Ng&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5168 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7951395288568&version=m202301230201&ct=76&x=1&cor=3334868727047606300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.html
cdn.undertone.com/js/ Frame B583 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:4600:1f:2473:9080:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
69262
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 05:10:04 GMT
etag
W/"55a2c695384db1f8872ab66920fae4ff"
last-modified
Mon, 13 Mar 2023 13:12:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5a588475f9a075d76c33229107634f8e.cloudfront.net (CloudFront)
x-amz-cf-id
VgwJM01nHeluemMRreg-fADXJYJdFtdri1R87re8RLyybEzBHBJudQ==
x-amz-cf-pop
JFK50-P6
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
taQSmiFtApGCXHWEGOWOQBdJzs8wq2BO
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 11F8 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
79
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7c03e1a82a47a220-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 01 May 2023 00:24:25 GMT
expires
Mon, 01 May 2023 04:24:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 0004 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
2245996f03ecfe81a4a49d4f3a6b33fc0ff79c8ba75cb8f5d23a42fea099ade0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1068
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:24:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 3891 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:24:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2B5F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162345&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-71-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32887
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:24:25 GMT
expires
Mon, 01 May 2023 09:32:32 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 449B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
61781
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 01 May 2023 00:24:25 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2070, 108570
X-Served-By
cache-lga13626-LGA, cache-yyz4576-YYZ
X-Timer
S1682900666.703331,VS0,VE0
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=abb5b102-2b9a-4c28-87ce-8d7b53c60d6b&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-nJts8iBE2pnbqog8VdL.INK_NsN7b8i25h36wg--~A&expires=5&ssp=themediagrid
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-nJts8iBE2pnbqog8VdL.INK_NsN7b8i25h36wg--~A&expires=5&ssp=themediagrid
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Mon, 01 May 2023 00:24:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-nJts8iBE2pnbqog8VdL.INK_NsN7b8i25h36wg--~A&expires=5&ssp=themediagrid
content-length
0
setuid
ib.adnxs.com/prebid/ Frame 0004 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=694731493061520576076
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:25 GMT
AN-X-Request-Uuid
bb1e33bb-6686-4960-90dd-45ac83de9628
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 0004 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=694731493061520576076
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:25 GMT
AN-X-Request-Uuid
349129ac-22cf-4b3b-b8a3-e3f53364853f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 0004
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=7346c5ca-1cb1-4263-a1e2-d35d1dcf074f&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=7346c5ca-1cb1-4263-a1e2-d35d1dcf074f&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=7346c5ca-1cb1-4263-a1e2-d35d1dcf074f&dongle=d54f&gdpr=0&gdpr_consent=
Date
Mon, 01 May 2023 00:24:25 GMT
Connection
keep-alive
X-CI-RTID
0added79-8891-4de8-bae6-d10a27139c7e
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 0004
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:25 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame 0004
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-aee3e84a-9648-5082-7b18-bc1b6a6da401$ip$149.56.153.187&dongle=4430
Date
Mon, 01 May 2023 00:24:25 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame 0004 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.43.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-43-57.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:25 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame 0004 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.43.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-43-57.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:25 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame 0004
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2885768169026791528&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=2885768169026791528&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=2885768169026791528&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 01 May 2023 00:24:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 0004 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=694731493061520576076
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 0004
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAA8Kk7Ing0AACQhPkHy3w&dongle=bzwx&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAA8Kk7Ing0AACQhPkHy3w&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAA8Kk7Ing0AACQhPkHy3w&dongle=bzwx&gdpr=0
Date
Mon, 01 May 2023 00:24:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
async_usersync
ib.adnxs.com/ Frame 449B 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:24:25 GMT
AN-X-Request-Uuid
edc7cab5-5f89-4641-a827-8f86133362ae
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDCB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9704303540663&version=m202301230201&ct=76&x=1&cor=1052251477374159200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:24:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3891 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.5.102.29 Toronto, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-102-29.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
738bbcb7d8a22cf89eaee4e1374d580261636592306b0d4dc6207579d7461191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:24:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 May 2023 00:18:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85980
Connection
keep-alive
Content-Length
10019
Expires
Tue, 02 May 2023 00:17:25 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 72C2 		0
0
usync.html
eus.rubiconproject.com/ Frame 72B7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
0
0
sync
usr.undertone.com/userPixel/ Frame B583
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2e509c79-b32a-0256-2e2f-193d6689c7dc
0
0
sync
ups.analytics.yahoo.com/ups/58293/ Frame B583
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
0
0
sync
usr.undertone.com/userPixel/ Frame B583
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ttl=1685492665
0
0
sync
usr.undertone.com/userPixel/ Frame B583
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH43LMLB-28-57MV
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame B583 		0
0
sync
usr.undertone.com/userPixel/ Frame B583
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341
0
0
sync
usr.undertone.com/userPixel/ Frame B583
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-asknpzFE2uGLRdPtD2tgHm.g4PO2u73zCHj7M4g-~A
0
0
t.gif
cw.addthis.com/ Frame B583 		0
0
ibs:dpid=152416&dpuuid=ayn9ia630bwomwtg0f89bp0ju
dpm.demdex.net/ Frame B583 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=ayn9ia630bwomwtg0f89bp0ju
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.225.48 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-225-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v047-0c44417bd.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
eYUTarzKTbs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame B583 		0
0
cm
us-u.openx.net/w/1.0/ Frame B583
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=ayn9ia630bwomwtg0f89bp0ju
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
0
0
usermatch.gif
beacon.krxd.net/ Frame B583 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=12776
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2e509c79-b32a-0256-2e2f-193d6689c7dc
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb&ttl=1685492665
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH43LMLB-28-57MV
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-asknpzFE2uGLRdPtD2tgHm.g4PO2u73zCHj7M4g-~A
Domain
cw.addthis.com
URL
https://cw.addthis.com/t.gif?pid=46&pdid=b92b0397e552486d9eaea2b265a9be0a
Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/15597?id=ayn9ia630bwomwtg0f89bp0ju
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
Domain
beacon.krxd.net
URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=ayn9ia630bwomwtg0f89bp0ju

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 boolean| credentialless object| defaultFlags object| vanilla object| VAN function| lazyObserveElement object| externalsScriptLoaded function| _typeof function| __tcfapi function| __uspapi object| _sp_queue object| _sp_ object| ccpaAppliesPromise object| reliableConsentGiven function| FEPProcess function| FEPSanitise function| resolveFEP object| processFEP object| reliableDOMContentLoaded object| reliablePageLoad string| hawk_widgets_endpoint string| hawklinks_endpoint object| head object| font boolean| gaCookieSet object| adParameters object| bordeaux object| FEP_object function| getConnectionDimensions object| getConnectUserDimensions function| missingImage string| ga_code object| analytics_ga_data string| version string| GoogleAnalyticsObject function| ga object| FEP object| permutive object| googletag object| freyr object| dm boolean| trailingSlash object| FlexiLoader function| cssVars boolean| isIE function| amIIE object| sliceComponents function| selligent_initialiser object| vanL10N function| comscoreIntegration object| dfp_config object| vanillaComponents object| require object| ffte object| xkeys object| onesignalConfig string| ftr_request_id object| __LOADABLE_LOADED_CHUNKS__ object| _sp_wp_jsonp object| slice object| hawk object| Flexi object| vanillaJsonp object| regeneratorRuntime object| fastdom object| __translator function| renderSponsoredPost object| featureVariables object| lazyLoadInstance object| PARSELY object| dataLayer object| champagne function| init_background_skin object| google_tag_data object| gaplugins object| webpackChunkbordeaux function| tmntag_triggerEvent function| tmntag_render string| indexExchangeDeviceType object| bordeauxAds object| bdx boolean| DotMetricsInitScript object| regionRedirectBanner object| popularBox object| localeSelector boolean| suggestionBoxPresent function| fbq function| _fbq object| gaGlobal object| gaData object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| DotMetricsSettings object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| jwpb object| _pbjsGlobals object| mnet object| ggeac object| google_js_reporting_queue object| pbjs object| prebid object| DotmetricsJSON object| DotMetricsObj boolean| apstagLOADED object| apstag object| _aps object| apscustom undefined| google_measure_js_timing object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| hawklinks object| closure_lm_252354 function| __onGCastApiAvailable object| closure_lm_64065 object| _comscore object| cast object| COMSCORE object| ns_p object| PubMaticSync function| sbiImg function| setImmediate function| clearImmediate object| atsdropmatchpixelmodule object| atsdetectionmodule object| atsenvelopemodule object| ats object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| OneSignal number| __oneSignalSdkLoadCount

277 Cookies

Domain/Path Name / Value
ad-cdn.technoratimedia.com/html Name: tads_tbla_bidi
Value: 1682900659066
.3lift.com/sync Name: sync
Value: CgoIoQEQldfIpf0wCgoI4gEQldfIpf0wCgoI5gEQldfIpf0wCgoIhwIQldfIpf0wCgkICRCV18il_TAKCQg6EJXXyKX9MAoJCAsQldfIpf0wCgoIjAIQldfIpf0wCgkIXxCV18il_TAKCQgfEJXXyKX9MA==
i.liadm.com/s Name: _li_ss
Value: CggKBgjSARD2FA
.www.itproportal.com/ Name: FTR_Country_Code
Value: CA
.www.itproportal.com/ Name: FTR_Cache_Status
Value: MISS-CLUSTER
.www.itpro.com/ Name: FTR_Country_Code
Value: CA
.www.itpro.com/ Name: FTR_Cache_Status
Value: HIT-CLUSTER
.itpro.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.itpro.com/security/malware/28083/best-free-malware-removal-tools%22%2C%22sref%22:%22%22%2C%22sts%22:1682900656231%2C%22slts%22:0}
.itpro.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=460d4b230d22c9d8053d856606082d44%22%2C%22session_count%22:1%2C%22last_session_ts%22:1682900656231}
.www.itpro.com/ Name: usprivacy
Value: 1YNN
.servebom.com/ Name: u
Value: C4D23FADB0DD48F690334327BB251A4D
www.itpro.com/ Name: h_id
Value: C4D23FADB0DD48F690334327BB251A4D
.itpro.com/ Name: dnsDisplayed
Value: undefined
.itpro.com/ Name: ccpaApplies
Value: false
.itpro.com/ Name: signedLspa
Value: undefined
.itpro.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.itpro.com/ Name: _ga
Value: GA1.2.177419201.1682900657
.itpro.com/ Name: _gid
Value: GA1.2.36470777.1682900657
.itpro.com/ Name: _gat
Value: 1
.itpro.com/ Name: permutive-id
Value: 091cde89-731b-4c81-bd05-0150d761a6a5
.itpro.com/ Name: ccpaUUID
Value: 96f4d33b-6771-482f-a45b-6256f6022008
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=e9f55f4c-36a3-4445-8c57-20ec874c859d&Created=05/01/2023 00:24:16&UserMode=0&guid=9b42dc2b-e13b-4f7a-85cc-b1234e5c6d50&ver=1
.6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co/ Name: pxid
Value: 84852727-7079-46c4-8def-94fcf5d99db6
bordeaux.futurecdn.net/ Name: HYBRID_CC
Value: CA
www.itpro.com/ Name: consentUUID
Value: cdcc0cf8-07fa-4d1b-aecb-94f382046b3c
.itpro.com/ Name: _fbp
Value: fb.1.1682900656965.1686365121
www.itpro.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.itpro.com/ Name: _gat_hawkWidgetsAffiliate
Value: 1
www.itpro.com/ Name: DM_SitId1423
Value: 1
www.itpro.com/ Name: DM_SitId1423SecId12368
Value: 1
.servebom.com/ Name: ud
Value: 20230501002417+0000
.servebom.com/ Name: ramp_session
Value: 669B576E460E4629B94C0545EC71A1F6
.servebom.com/ Name: ias.fraud
Value: false
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
uk-script.dotmetrics.net/ Name: AWSALBCORS
Value: oKykmtN+yXTuDFItjj1iQUomsVmtYFE32R4bKOtUfoVLxE8YqUlGcgO6GhS61bgOhI/tPZXNj7iBCNJC+3XYUxLj7/pwaraeklyBPuNr9PU+8ey0/nIbEsQnVlmS
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FC8D0EA9-A0C2-4CA5-9C98-C1F067490B0E
.amazon-adsystem.com/ Name: ad-id
Value: Axfo6vlrk0IvmYqS1zPifR8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.technoratimedia.com/ Name: tads_uid
Value: 5597529CCA40456999768DE69389154D
.technoratimedia.com/ Name: tads_uid_cd
Value: 20190828051959+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.openx.net/ Name: i
Value: b691c407-1a02-01c2-1e7c-ce12f502d473|1682900657
.adnxs.com/ Name: uuid2
Value: 5364052513180930309
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZE8GsQAGq1TEpABS
.contextweb.com/ Name: V
Value: HSYqt5fCNHLv
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 494124d31b303c3e
.sharethrough.com/ Name: stx_user_id
Value: dfe7fbb1-55ce-41d1-849c-c06fbefaa442
.3lift.com/ Name: tluid
Value: 694731493061520576076
.bidswitch.net/ Name: tuuid
Value: abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
.bidswitch.net/ Name: c
Value: 1682900657
.media.net/ Name: visitor-id
Value: 3259022571455542000V10
.postrelease.com/ Name: visitor
Value: cc48733c-86ac-429a-9aae-2d8d692b1383
.postrelease.com/ Name: status
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBLIGT2QCEE8rc3WhF2HFycgm6SJdPW0FEgEBAQFYUGRYZAAAAAAA_eMAAA&S=AQAAAsI8F52sTrrq7UHMHeQBxws
.adsrvr.org/ Name: TDID
Value: eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
.tapad.com/ Name: TapAd_TS
Value: 1682900658013
.tapad.com/ Name: TapAd_DID
Value: 6e705b26-8a07-45e1-9b2f-bd65b6cf17eb
.casalemedia.com/ Name: CMID
Value: ZE8GsntS6rVM0F29LL34HgAA
.casalemedia.com/ Name: CMPS
Value: 1339
.casalemedia.com/ Name: CMPRO
Value: 1339
.bidswitch.net/ Name: tuuid_lu
Value: 1682900658
.doubleclick.net/ Name: IDE
Value: AHWqTUkqa3w5RFkKypOTPORPbilzWy_4h9df5gAHMLFDDUbelrjyfYTKY5Hf6lmyglg
.scorecardresearch.com/ Name: UID
Value: 1DB4e65dd4604817b8d34f81682900658
.openx.net/ Name: univ_id
Value: 537072971|eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb|1682900658077332
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.turn.com/ Name: uid
Value: 2885768169026791528
.rlcdn.com/ Name: pxrc
Value: CLKNvKIGEgUI6AcQABIFCOhHEAA=
.zemanta.com/ Name: zuid
Value: Cx70wqgOv71vzzsto1ul
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwC7m-SFA44CJ1f9CHU45Qs1JLt2PztuiA661YWw5GNRnHMqIWr2qZr_gpQC4TM1
.brand-display.com/ Name: _knxq_
Value: 2571cea0-8b34-c2ac-78472fc0.1682900658.0.1682900658.1682900658
.eqads.com/ Name: EQUser
Value: UID=e9f18e9c-c7b9-49ba-bdb1-59a00c492227
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 32bb813a-08e8-461c-ac43-50601fc86e47
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 9VWGNe6ueo26kIGYPnlCMQGKdZKgjbF2aN3VwmEVqAS9HdftB1uKnapX0deSccaGU7isTtU36mb1u0H5NK2Slw%3D%3D
.pippio.com/ Name: did
Value: 2TewLSnfF1ZJk-I6
.pippio.com/ Name: didts
Value: 1682900658
.pippio.com/ Name: nnls
Value:
.bidr.io/ Name: bito
Value: AAA8Kk7Ing0AACQhPkHy3w
.bidr.io/ Name: bitoIsSecure
Value: ok
x.videobyte.com/ Name: vbxuid
Value: d7e8299c-83aa-404a-8a25-2ff9cebaf077
.bluekai.com/ Name: bku
Value: ikG99n/sEtEZEl6N
.pippio.com/ Name: pxrc
Value: CLKNvKIGEgQIAhAAEgYI7OsBEAA=
.360yield.com/ Name: tuuid
Value: b793b3d9-5185-43ff-876b-209598df5c7e
.360yield.com/ Name: tuuid_lu
Value: 1682900658
.rubiconproject.com/ Name: khaos
Value: LH43LMLB-28-57MV
.linksynergy.com/ Name: rmuid
Value: 808166d7-4ad3-429a-83d2-3cc963d578a8
.linksynergy.com/ Name: icts
Value: 2023-05-01T00:24:18Z
.smartadserver.com/ Name: pid
Value: 4497645360037501104
.lijit.com/ Name: ljt_reader
Value: GkeYTLZH5EevHt7VRiGLiTt6
.linkedin.com/ Name: bcookie
Value: "v=2&4c9af26d-b685-4393-8771-9d28ce0e4300"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3005:u=1:x=1:i=1682900658:t=1682987058:v=2:sig=AQFM2Y8Db8Q0J_21V8EyjiubEyxd-0PX"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005%22%7D
.technoratimedia.com/ Name: tads_ipv6
Value: 2607:5300:60:7867::7
.adform.net/ Name: C
Value: 1
.openx.net/ Name: pd
Value: v2|1682900657.2|iKbwuYvPvMgahEgKkWg2gy.wvmmwtvJeSwrf8vuwike
.technoratimedia.com/ Name: tads_uidp_77
Value: UQZ2Q6HZcRk7nq3bTYZk4bEnb0-uAzwa0SlIWJvu8lM
.technoratimedia.com/ Name: tads_uidp_45
Value: 46671F8B-D497-4BFD-88CF-23186B6CA4E0
.technoratimedia.com/ Name: tads_uidp_37
Value: e982d87b-1ada-328b-8637-db6bc271a79d
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673948501052-981480834937-007220-006-006384
.technoratimedia.com/ Name: tads_uidp_64
Value: 1PkooRCNT_PX4qVqvtJxTTgf2L90aPuQ
.adform.net/ Name: uid
Value: 4462594004579376896
.media.net/ Name: data-sy
Value: 5597529CCA40456999768DE69389154D~~3
.33across.com/ Name: 33x_ps
Value: u%3D212153908003024%3As1%3D1682900659149%3Ats%3D1682900659149
.taboola.com/ Name: t_gid
Value: 3b81a018-f182-48a9-8022-995897b7968e-tuctb488c33
.aralego.com/ Name: sspid
Value: e982d87b-1ada-328b-8637-db6bc271a79d
.criteo.com/ Name: uid
Value: 026893ad-780c-4a5a-9234-f80bf56a9518
.technoratimedia.com/ Name: tads_uidp_80
Value: y-UBsjuH9E2uGKTmtr6crdNjgLqPv3_c1D~A
.w55c.net/ Name: wfivefivec
Value: pUk6ZoCt1PThl15
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE0MTG1NDMzNrWwEOIz1HUxyPIo8AjOiPeKMgMAi67cTSQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE0MTG1NDMzNrWwEOIz1HUxyPIo8AjOiPeKMgMAi67cTSQAAAA
.media.net/ Name: data-ttd
Value: eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb~~1
.liadm.com/ Name: lidid
Value: afb9bc19-70c6-40c6-8292-b0cab6feeb7f
.mathtag.com/ Name: uuid
Value: 4321644f-06b3-4d00-9f02-623ffea91b7e
.w55c.net/ Name: matchmedianet
Value: 5
.ipredictive.com/ Name: cu
Value: 7346c5ca-1cb1-4263-a1e2-d35d1dcf074f|1682900659269
.bluekai.com/ Name: bkdc
Value: phx
.agkn.com/ Name: ab
Value: 0001%3ADxZ1o0DxlFDdvua1lJbGcJAf4%2FUHESfU
.bing.com/ Name: MUID
Value: 2D036066E4D86FEE36CF7362E5E36EA4
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: data-o
Value: ad1192c1-1885-04d5-27e5-789423ca7552~~8
.sitescout.com/ Name: ssi
Value: c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8#1682900659277
.tynt.com/ Name: uid
Value: QxvX/GRPBrMDYEPCdhi+Ng==
.media.net/ Name: data-g
Value: CAESEJA_aSKws9ngJa2ZAhAP644~~8
.mookie1.com/ Name: id
Value: 10594225548510857152
.mookie1.com/ Name: mdata
Value: 1|10594225548510857152|1682900659283
.mookie1.com/ Name: ov
Value: ed1726c28dd42a8c5358b8c1eb7f4ecc
.media6degrees.com/ Name: clid
Value: 2rtyegj011713pnge4990fep000000013c010i01401
.media6degrees.com/ Name: acs
Value: 012020k1rtyegjxzt10
.media.net/ Name: data-mm
Value: f9cf644f-06b3-4900-b8a5-8b10c143e1a0~~8
.media.net/ Name: data-c
Value: 026893ad-780c-4a5a-9234-f80bf56a9518~~1
.media.net/ Name: data-c-ts
Value: 1682900659
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAA8Kk7Ing0AACQhPkHy3w
.pubmatic.com/ Name: PugT
Value: 1682900658
.technoratimedia.com/ Name: tads_uidp_62
Value: 3259006861455578000V10
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1682900659319%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1682900659319%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1682900659319%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1682900659319%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1682900659319%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1682900659319%7D%5D
.media.net/ Name: data-xu
Value: pUk6ZoCt1PThl15~~8
.mfadsrvr.com/ Name: c
Value: 1682900659
.mfadsrvr.com/ Name: tuuid_lu
Value: 1682900659
.mfadsrvr.com/ Name: tuuid
Value: 5b84f903-6fa4-4601-9646-10138d604f28
.go.sonobi.com/ Name: __uis
Value: cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
.media.net/ Name: data-co
Value: AAAMERwIIi-wxgMJv1t_AAAAAAA~~8
vpb-server.jwplayer.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiJiNzkzYjNkOS01MTg1LTQzZmYtODc2Yi0yMDk1OThkZjVjN2UiLCJleHBpcmVzIjoiMjAyMy0wNS0xNVQwMDoyNDoxOC40NDA3OTEyMzFaIn0sIm9wZW54Ijp7InVpZCI6IjVjZTM3NDkxLTBhMWEtMGRkYy0yZjI2LWM2ZWYxMDdlMjUwMyIsImV4cGlyZXMiOiIyMDIzLTA1LTE1VDAwOjI0OjE3LjkxMjcxMTY2M1oifSwic21hcnRhZHNlcnZlciI6eyJ1aWQiOiI0NDk3NjQ1MzYwMDM3NTAxMTA0IiwiZXhwaXJlcyI6IjIwMjMtMDUtMTVUMDA6MjQ6MTkuMjA2Mzk0NTk1WiJ9LCJzb25vYmkiOnsidWlkIjoiY2M1NDM3N2MtNmE5ZS00ZTZhLWIxMmUtNzllY2VjMDRkOWE4IiwiZXhwaXJlcyI6IjIwMjMtMDUtMTVUMDA6MjQ6MTkuMzYwNDAxOTI5WiJ9LCJzb3ZybiI6eyJ1aWQiOiJHa2VZVExaSDVFZXZIdDdWUmlHTGlUdDYiLCJleHBpcmVzIjoiMjAyMy0wNS0xNVQwMDoyNDoxOC42MDk4MDkwM1oifSwidW5ydWx5Ijp7InVpZCI6IlJYLTM5Nzk2NGM2LWZjOWYtNDM2YS1hYjMxLWIzYTI1M2Y1MjVkMi0wMDUiLCJleHBpcmVzIjoiMjAyMy0wNS0xNVQwMDoyNDoxOC45NDc2MjQ4MDJaIn0sInZpZGVvYnl0ZSI6eyJ1aWQiOiJkN2U4Mjk5Yy04M2FhLTQwNGEtOGEyNS0yZmY5Y2ViYWYwNzciLCJleHBpcmVzIjoiMjAyMy0wNS0xNVQwMDoyNDoxOC4yNTczODM1NjRaIn19LCJiZGF5IjoiMjAyMy0wNS0wMVQwMDoyNDoxNy45MTI3MDIzNTNaIn0=
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1682900659
.media.net/ Name: data-bs
Value: abb5b102-2b9a-4c28-87ce-8d7b53c60d6b~~1
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e117163-0d23-47c1-ae76-05b5c3deed66
.media.net/ Name: data-rk
Value: 979321832824455813~~8
.media.net/ Name: data-mf
Value: 5b84f903-6fa4-4601-9646-10138d604f28~~1
.rkdms.com/ Name: sessionid
Value: h-80fe0a2b0ad1820743485bcf98cbcda9_t-1682900659
.rkdms.com/ Name: sc
Value: 13%3A108072
www.itpro.com/ Name: usp.23_26_29_33
Value: 1
www.itpro.com/ Name: usp.22
Value: 1
www.itpro.com/ Name: usp.9
Value: 1
www.itpro.com/ Name: usp.24
Value: 1
www.itpro.com/ Name: usp.14
Value: 1
www.itpro.com/ Name: usp.5
Value: 1
www.itpro.com/ Name: usp.36
Value: 1
www.itpro.com/ Name: usp.45
Value: 1
www.itpro.com/ Name: usp.32
Value: 1
www.itpro.com/ Name: usp.2
Value: 1
www.itpro.com/ Name: usp.42
Value: 1
www.itpro.com/ Name: usp.46
Value: 1
www.itpro.com/ Name: usp.19
Value: 1
www.itpro.com/ Name: usp.57
Value: 1
www.itpro.com/ Name: usp.59
Value: 1
www.itpro.com/ Name: usp.61
Value: 1
www.itpro.com/ Name: usp.48
Value: 1
www.itpro.com/ Name: usp.62
Value: 1
www.itpro.com/ Name: usp.64
Value: 1
www.itpro.com/ Name: usp.65
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 5660380b36880fe8
match.sharethrough.com/ Name: AWSALBCORS
Value: R1Ap7B0JXE5MCleFYr4PMUNFcQURhOLjKWEORiTRQ0X+9bqP0DjMVkh8xuYKXCK4yotV8e8gHWB6LsOpzToTp/XHdBmntnTM+0zwoZAJymNaeZCRCDCh00QF0cFQ
.advertising.com/ Name: A3
Value: d=AQABBLYGT2QCEKEoqpySkRdZ_r1A9EOYdOAFEgEBAQFYUGRYZAAAAAAA_eMAAA&S=AQAAAmjKVkMUR_70n9HPVOlNr-w
.go.sonobi.com/ Name: __uqc
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: __uir_md
Value: 1
.go.sonobi.com/ Name: __uir_yh
Value: 1
.go.sonobi.com/ Name: __uir_co
Value: 1
.go.sonobi.com/ Name: __uir_sr
Value: 1
.go.sonobi.com/ Name: __uir_vb
Value: 1
.go.sonobi.com/ Name: __uir_bk
Value: 1
.go.sonobi.com/ Name: __uir_an
Value: 1
.go.sonobi.com/ Name: __uir_tl
Value: 1
.go.sonobi.com/ Name: __uir_av
Value: 1
.go.sonobi.com/ Name: __uir_en
Value: 1
.go.sonobi.com/ Name: __uir_eb
Value: 1
.go.sonobi.com/ Name: __uir_ad
Value: 1
.go.sonobi.com/ Name: __uir_ox
Value: 1
.go.sonobi.com/ Name: HAPLB8S
Value: s86157|ZE8Gu
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1kbv|4is.0.CAESEDBpXlXmoCFu8DqfD_ITQJo|7TY.0|7LJ.0.cc54377c-6a9e-4e6a-b12e-79ecec04d9a8|2N.0.AAAFprChiHtmegMGT_kNAAAAAAA|3oy.0|7dN.0.AAA8Kk7Ing0AACQhPkHy3w
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmFkaWBgZmppZGi5ShTONzMyNDIGAENZZG8gAAAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18za~2be0:18yi~2be0:190u~2be0:18z6~2be0:1991~2be0"
.tremorhub.com/ Name: tvid
Value: 38a8cb24600543599a81473ddc58df9a
.undertone.com/ Name: UTID_ENC
Value: ayn9ia630bwomwtg0f89bp0ju
.undertone.com/ Name: UTID
Value: b92b0397e552486d9eaea2b265a9be0a
.omnitagjs.com/ Name: ayl_visitor
Value: 4b08b0b32fc23e482bc09e6374e83696
.go.sonobi.com/ Name: __uin_ox
Value: ce10475c-6251-093a-3f92-0fdcb313a6cb
.servebom.com/ Name: up_61
Value: y-ptgwb0FE2uJ0SyTlUZ08ubeozupTdrg-~A
.servebom.com/ Name: up_64
Value: dfe7fbb1-55ce-41d1-849c-c06fbefaa442
.servebom.com/ Name: up_62
Value: abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
.tremorhub.com/ Name: tvssa
Value: 1682900662153
.servebom.com/ Name: up_22
Value: 0bdeddd8-ee2a-03eb-2a35-b3da2d9dd968
.servebom.com/ Name: up_23
Value: 5364052513180930309
.servebom.com/ Name: up_26
Value: 5364052513180930309
.servebom.com/ Name: up_29
Value: 5364052513180930309
.servebom.com/ Name: up_36
Value: AAAFprChiHtnIgNkjoiMAAAAAAA
.servebom.com/ Name: up_59
Value: 212153908003024
.servebom.com/ Name: up_14
Value: 694731493061520576076
.adkernel.com/ Name: SSPZ
Value: 183045
.adkernel.com/ Name: DSP2F_71
Value: 343983
.adkernel.com/ Name: ADKUID
Value: A5141132899109150166
.go.sonobi.com/ Name: __uin_pp
Value: HSYqt5fCNHLv
.servebom.com/ Name: up_24
Value: GkeYTLZH5EevHt7VRiGLiTt6
.servebom.com/ Name: up_2
Value: ZE8GsntS6rVM0F29LL34HgAA&1339
.servebom.com/ Name: up_57
Value: y-yoI.V1tE2uFuqAakwiLzaWPR4.mtFddT~A
.servebom.com/ Name: up_9
Value: cc54377c-6a9e-4e6a-b12e-79ecec04d9a8
.servebom.com/ Name: up_65
Value: 4b08b0b32fc23e482bc09e6374e83696
.servebom.com/ Name: up_32
Value: 38a8cb24600543599a81473ddc58df9a
.go.sonobi.com/ Name: __uin_tl
Value: 694731493061520576076
.go.sonobi.com/ Name: __uin_zt
Value: 978477414459663588
.go.sonobi.com/ Name: __uin_mm
Value: 4321644f-06b3-4d00-9f02-623ffea91b7e
.go.sonobi.com/ Name: __uin_eb
Value: CAESEBYXz0LLnEFjT3TsXrQEf4w||1
.go.sonobi.com/ Name: __uin_yh
Value: y-asknpzFE2uGLRdPtD2tgHm.g4PO2u73zCHj7M4g-~A
.go.sonobi.com/ Name: __uin_td
Value: eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI1qvu8o355DsQBRIWCgdydWJpY29uEgsIps6J94355DsQBRgBIAEoAjILCL68i8ek-eQ7EAU4AVoHcnd1cTlueWAC
.rlcdn.com/ Name: rlas3
Value: M36X0rtUzyseO49+v6VVOEwGTJscqjbF8PzIwlj09Hs=
.serverbid.com/ Name: CONSUMABLEID
Value: 4fed4c74bf6c4cb7ad4c74bf6c1cb710
.go.sonobi.com/ Name: __uin_vb
Value: d7e8299c-83aa-404a-8a25-2ff9cebaf077
.creative-serving.com/ Name: tuuid
Value: 9e764996-7ce7-4548-a670-6482f1d6a5d0
.creative-serving.com/ Name: c
Value: 1682900662
.creative-serving.com/ Name: tuuid_lu
Value: 1682900662
.go.sonobi.com/ Name: __uin_an
Value: 5364052513180930309
.bfmio.com/ Name: __106_cid
Value: eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
.bfmio.com/ Name: __bfio_sync
Value: 818AADC3361169988B459BA55A55A31D
.bfmio.com/ Name: __io_cid
Value: eb7a95ba-b77c-40cc-9b16-3d5978e1cbbb
.go.sonobi.com/ Name: __uin_co
Value: cd3ab30d3ce34ba7bab30d3ce3bba715
.demdex.net/ Name: demdex
Value: 62321307753026226384012847380342615121
.adotmob.com/ Name: uid
Value: 0907220407830ee4b79bfab9
.adotmob.com/ Name: uuid
Value: 0907220407830ee4b79bfab9
.adotmob.com/ Name: partners
Value: AYL%3A1682900662324
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-aee3e84a-9648-5082-7b18-bc1b6a6da401.e7h%2B%2BdmAV3hD3vVtN%2BTsLhU7i9544YURMkJXlybjRFY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AruPoSpZIUIJ7GLwbam2kAZU4mbs.OQRX4VcCym59xyafX4dXwu7w7l%2F4XbdkL9zRdjuVTJA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AruPoSpZIUIJ7GLwbam2kAZU4mbs.OQRX4VcCym59xyafX4dXwu7w7l%2F4XbdkL9zRdjuVTJA
.tribalfusion.com/ Name: ANON_ID
Value: aMnr6iR3YWj7UXuRvsb92hjQBm20Giy1twwG4vFdDPP65u28NZcUKdrwZbYlyDwj3XYF8gY0ro
.smaato.net/ Name: SCM
Value: 1500f78c
.smaato.net/ Name: SCMsas
Value: 1500f78c
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 5f554578-f0f8-5379-a3c6-f0ffc789f649
.betweendigital.com/ Name: ss
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 62321307753026226384012847380342615121
.rubiconproject.com/ Name: audit
Value: 1|CV+/I7fhajVYWbNeDY293ATkAzg0tJ7TktNLKma9LZQeECEUBMheivdp6TXdAejcKcZAfoLzFHDqFTrNE4+z9k1id1yxWjzF2IYsqV9mFR3dTza3m1n+GKZr5ZVxLWDe
.go.sonobi.com/ Name: __uin_bw
Value: abb5b102-2b9a-4c28-87ce-8d7b53c60d6b
.admixer.net/ Name: am-uid
Value: 5e656fd8777042b59cc44e11cafdd692
www.itpro.com/ Name: _lr_geo_location
Value: CA
.servebom.com/ Name: nuv
Value: 2
.betweendigital.com/ Name: ut
Value: ZE8GtgAGm2gxPdatCvIkpNKb8Z4R0clHJg84dw==
.sitescout.com/ Name: _ssuma
Value: eyIxNyI6MTY4MjkwMDY1OTMxNywiMzkiOjE2ODI5MDA2NjI0MzUsIjciOjE2ODI5MDA2NjI0MzUsIjc0IjoxNjgyOTAwNjYyNDM1fQ
.servebom.com/ Name: up_19
Value: LH43LMLB-28-57MV
.creativecdn.com/ Name: u
Value: dEWL0lDaosXV0fFQ3eCF
.creativecdn.com/ Name: ts
Value: 1682900662
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005%22%2C%22nxtrdr%22%3Afalse%7D
.csync.loopme.me/ Name: viewer_token
Value: 810fd96f-d922-457f-a52a-9afb52bef3ea
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: de285aca32afb3e68c91ff69fdfbd7fa
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEk1sjBNTE40NkpMSzJONbNItjRMSzOzTEtJS0oxT0tkAIIUf7ZtIBoKAHxSC60%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI8WfbBqSgAAARpwFw"
.smartadserver.com/ Name: csync
Value: 25:4321644f-06b3-4d00-9f02-623ffea91b7e|113:RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005|127:AAA8Kk7Ing0AACQhPkHy3w
.spotim.market/ Name: vmuid
Value: a09985e324964ebe
.spotim.market/ Name: a644680
Value: 694731493061520576076
.spotim.market/ Name: a323548
Value: 5364052513180930309
.spotim.market/ Name: a482928
Value: 5ce37491-0a1a-0ddc-2f26-c6ef107e2503
.spotim.market/ Name: a708476
Value: RX-397964c6-fc9f-436a-ab31-b3a253f525d2-005
.spotim.market/ Name: a309017
Value: c33e0c1e-8f3a-4a1d-bd61-09be1bf4a3d8-644f06b3-4341
.onesignal.com/ Name: __cf_bm
Value: 4HElnlnj9CZcdkS8ouywmdFg_lldBf7IBlpwOPDHIMU-1682900662-0-Abr8PfN+j5BvcAD0cnVZipUu7VsV/tSJqvcWQRwSDcGW+4XiuajFxrFTAB92C1oeMVP3JAZ71uT17vjZprNy9cY=

10 Console Messages

Source Level URL
Text
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-sticky-desktop.147dc0f8715e81aca16a.chunk.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,94788
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://jwplayer.technoratimedia.com/openrtb/bids/jwplayer?src=prebid_prebid_7.6.0
Message:
Failed to load resource: the server responded with a status of 458 ()
network error URL: https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=85460,89871,94788
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.dianomi.com/js/contextfeed.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 108)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.brandmetrics.com/tag/62da25c406df470db725091722ab7306/itpro.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.servebom.com
adservice.google.ca
adservice.google.com
amazon-tam-match.dotomi.com
ampcid.google.ca
ampcid.google.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
api-2-0.spot.im
api.btloader.com
api.permutive.com
assets-jpcust.jwpsrv.com
ats-wrapper.privacymanager.io
aud.pubmatic.com
b1sync.zemanta.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bordeaux.futurecdn.net
btloader.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c21lg-d.media.net
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.doubleverify.com
cdn.jwplayer.com
cdn.mos.cms.futurecdn.net
cdn.onesignal.com
cdn.parsely.com
cdn.permutive.com
cdn.privacy-mgmt.com
cdn.undertone.com
champagne.futurecdn.net
cm.g.doubleclick.net
connect.facebook.net
content.jwplatform.com
contextual.media.net
creativecdn.com
cs.media.net
csync.loopme.me
cw.addthis.com
d.adroll.com
d.turn.com
de.tynt.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
entitlements.jwplayer.com
eus.rubiconproject.com
events-ssc.33across.com
f6eb804c16db6e1a2da72d720e8dc563.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
freyr.futurecdn.net
futureplc-com.videoplayerhub.com
geo.privacymanager.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
in.ml314.com
inv-nets.admixer.net
jadserve.postrelease.com
js-sec.indexww.com
jwplayer.technoratimedia.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
match.sharethrough.com
medianet-match.dotomi.com
mid.rkdms.com
ml314.com
mos.fie.futurecdn.net
nep.advangelists.com
odr.mookie1.com
onetag-sys.com
p.cpx.to
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.servebom.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-server.rubiconproject.com
prebid.media.net
ps.eyeota.net
pulsepoint-match.dotomi.com
purch-match.dotomi.com
purch-sync.go.sonobi.com
px.ads.linkedin.com
qds0l.publishers.tremorhub.com
r.skimresources.com
rm-script.dotmetrics.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-uw2.doubleverify.com
s.ad.smaato.net
s.amazon-adsystem.com
s.cpx.to
s.spotim.market
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
search-api.fie.future.net.uk
search-api.fie.futurecdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
slice.vanilla.futurecdn.net
sommelier.futurehybrid.tech
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl-market-east.smrtb.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
stags.bluekai.com
stats.g.doubleclick.net
synacor-match.dotomi.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.bluekai.com
tags.rd.linksynergy.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
u.openx.net
uat-net.technoratimedia.com
uk-script.dotmetrics.net
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
vanilla.futurecdn.net
visitor-usa02.omnitagjs.com
visitor.omnitagjs.com
vpb-server.jwplayer.com
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.itpro.com
www.itproportal.com
x.bidswitch.net
x.videobyte.com
beacon.krxd.net
cw.addthis.com
eus.rubiconproject.com
image8.pubmatic.com
match.bnmla.com
ssl-market-east.smrtb.com
ssum-sec.casalemedia.com
tags.bluekai.com
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
104.18.10.47
104.18.16.195
104.18.24.185
104.19.150.54
104.36.115.111
104.72.156.219
107.178.254.65
107.21.30.255
107.22.73.131
108.138.107.138
108.138.128.83
13.225.214.50
13.35.93.124
130.211.23.194
141.226.224.48
142.251.35.166
142.251.40.194
142.251.40.226
151.101.193.108
151.101.194.114
151.101.194.49
151.101.2.114
151.101.66.114
151.139.128.10
152.199.5.228
159.89.246.130
162.248.18.37
174.137.133.32
18.164.101.60
18.164.116.28
18.164.116.39
18.164.124.20
18.164.94.225
18.164.96.35
18.213.234.27
18.219.235.171
185.113.25.52
185.167.164.39
185.184.8.90
192.132.33.46
192.40.39.223
192.96.203.13
195.244.31.11
198.148.27.140
199.127.204.171
199.187.193.179
199.187.193.181
199.187.193.202
199.38.167.130
2001:4860:4802:32::181
204.62.13.72
207.198.113.86
209.54.182.161
213.19.162.90
216.200.232.249
23.221.200.79
23.227.139.243
23.5.102.29
23.52.158.180
2600:1400:9000::687e:769b
2600:1f18:4e9:5a05:b3d5:d2d1:9b49:f7b1
2600:1f18:612b:4200:c281:cce8:5ab8:dc
2600:1f18:61c0:2204:f195:b922:3681:7158
2600:9000:21dd:f000:d:5ce3:a4c0:93a1
2600:9000:2209:7600:1:a3fa:7cc0:93a1
2600:9000:2209:8a00:1:a3fa:7cc0:93a1
2600:9000:2209:e00:1b:5138:8a40:93a1
2600:9000:2511:4600:1f:2473:9080:93a1
2602:803:c001::200:144
2603:c020:400d:3000:67b7:1059:7283:c690
2606:2800:21f:2cf1:7be6:911:71d9:25f7
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:20::681a:832
2606:4700:20::681a:d12
2606:4700::6812:16ea
2606:4700::6812:18ad
2606:4700::6812:1af
2606:4700::6812:d63b
2606:ae80:1450:16::2040
2607:4f00:957::2
2607:f8b0:4004:c17::9a
2607:f8b0:4006:807::2002
2607:f8b0:4006:807::2006
2607:f8b0:4006:808::2003
2607:f8b0:4006:809::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::2008
2607:f8b0:4006:80d::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2001
2607:f8b0:4006:821::2001
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2002
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:600::626
2a04:4e42::626
3.20.111.216
3.214.24.142
3.33.220.150
34.107.148.139
34.107.254.252
34.111.113.62
34.111.151.213
34.111.234.236
34.117.158.252
34.117.228.201
34.117.239.71
34.197.1.203
34.197.160.225
34.200.65.202
34.200.84.78
34.206.15.1
34.242.149.101
34.98.67.3
35.174.196.190
35.190.59.101
35.190.60.146
35.190.90.30
35.207.24.140
35.211.165.199
35.211.178.172
35.214.153.92
35.227.252.103
35.241.9.51
35.244.159.8
51.222.39.184
52.205.167.202
52.223.22.214
52.54.128.17
52.55.144.0
52.6.168.233
52.6.78.119
52.7.9.61
52.73.45.124
52.85.61.61
52.86.16.29
52.87.62.161
54.147.162.32
54.164.26.28
54.167.225.48
54.173.145.199
54.205.21.165
54.211.43.57
54.77.80.62
54.85.199.144
67.202.105.22
67.202.105.33
67.220.228.200
68.67.160.24
68.67.179.164
69.166.1.12
69.173.151.100
69.175.41.32
70.42.32.223
72.247.65.83
72.247.71.192
74.119.119.150
8.240.131.250
8.252.30.250
8.28.7.109
8.28.7.81
8.43.72.98
96.46.186.57
99.84.37.44
00529a693b96df54f67380541623f81aed7612a68f9f18d19c377e77664efb51
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1
01acfaeba791120e18eb99040524ce3cef13a0dd71b78cccdd742f56ffd00711
02772bffc82945302ae3bee646123b6a2bd2e7d37e50aee168251197c0ee12c2
0419a906125e2c68b33919caa7b00059dbf273fffc9996f9a48ddb1c98db82ae
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
066b93522ca4dec678f3d0f9ab2cdc0ac0e5f12d87f6890f22fe565408a2954a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
072b55359f2331e73f47f41e96fe5c7d640eaee1a1343d81e9c59477bbaf636f
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
09979f555298f71322a12b9259094d8cf3bc9e381a2413fdde14e69da62ec28c
0a9d41d948e8dd4999cee081c0c5b564374172e49a5a73641385de4d107c69e2
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b04613431b1edd6cd7f6c563217ecaec8350f2a141425dc6fb30e688d774a8c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd10c0b413cb48f10aa3ca4ada042132a8bd7966299a44f5d17edfb6a55d886
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0f4328dd583577482da89d8af94cd1146cec997553dd53bc2f9ee3d406cfa9ce
0f677d8783bc1f246f04d56df6da822ecc56db557544d3e8d7343e08c0b117c4
12698cee8f38b06ef3fb5919100e727148d01bd21ffc08a73a363714f942dcfc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14a9815c2f1b0b92ec5413ebcbed084eedc89811879157a2aa57ace42355e709
173af91088314cc34d9c86e0f3c5dbef92ef392c26e084314dd3604cc6567b9b
189b878931763a0d99110db261a60447809619f65ce14def44fdeee8a6cd328a
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
19a53e415b0747eee5b62eb7f9b7438e5505a519a885ba295250786870db18d2
1ca312ab70201beee7a8aff0f20264fb1ad5fa37fe08d558d0f248259396bf9b
1e5b6d68ab32f145ca17f333ff43a2644b69887fbec215cb00a09cfc5ecc806b
1e8656db974a5176dba5460b4a0abdd4213a1ff3c0699a5d9c4187fb9c216a17
2245996f03ecfe81a4a49d4f3a6b33fc0ff79c8ba75cb8f5d23a42fea099ade0
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
2481711729c5ed25e10a139be38f993167a9075284e156c00a7796d0bce6e0aa
2490f96550c98c46aae6e31b8d1b8c6e927feb4bbd8e0e6f70a8ffa3871412a5
25b0bc9dda8dd671aa7cc47201a3d2b019d51deb6c6cebe10c38ec352d4a1c96
25fe0315a31216326b00ce02a6ec46f499874cb94fce4905dfd4a81b3cf475e2
281ccbd785307b6a781c2a9859fb2262b6c7d637d556fb24d39b55db781cefef
2834f0efb72fb53a5fec863e6033556ede826fcf1a8b25757768fad523ff1dd6
2888f5d77455ddb20af9538b2e98e668d94dfaabf3df23209255d77e7d27a91f
28bc2280781d820509c72c551b779595cbd4a74126bb376d8feebd06a9b572f1
299182523432e90745bd30b529ed1bc58a9df3b181eedadc8ceec28516f9605d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2bb1b8c31850a3f853a52dc7b42408fe48a3ba47646635a8c03cbaa44697992d
2c13b0d3ada46df2a5e9cc86cf0b299f7cc8fe097fc13d23179f649f60afbcd7
2c6d13081750bfcfb93cb02b49b291d1055d5ec08d4e2e7ea8205b089c0ab390
2c90a3a8ab190c1a51389eb86937c40498f3c12ef6b7094044b5de84d2c76830
2ddc632c3a86aacb7dd2c6da2c0f1fd61e7e7ccdc74f310aae2cc85342cf7d3a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f18e5dbd15444530d5749cac5fc31bf86e7ec378a8080bcdb6dfc3e4bb9110e
3089fe7fc34e4d38d5218b461fcd42d73e882807a712559dd7d443d21ac04903
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317f809fa16a380c94a89fbdf3c1e909a81996ee88634c95dfda4468b4b58000
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32bedf4fc89a1f0d1716659793930f2dfe6062b7fc1375ed620086811abd3019
349f3e2de5639697a9374bd7bc7eef5bf6f89436d74e6fdacd59424c1e050f1e
34aad84ec27795b86c399e369382de88cf072131b781a0eba4a73b5537c417aa
35334400bec8f4c230e7b91c17c4cc96e17caebb6e144bf43dab0e57c4cf90e5
35c887ccee44fbd9166e9c7fd457a48fa55c6d9ba6e124ed1ce377d1ec275a57
36072157fc42d186866f4a3b9c31a9d40d2028b72e4f7962e47d97cb00df909b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
39db0fea1e2a3b63496f1f6f1226ce7780ec92d86475eea39ddb38b8efc35679
3b8e61470f25ea2617091ddbbde445368bc37ecc80698921194dec72fab85a28
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e65844ea3621494ec26acac0bed8f9d8caf18155dd94017baee84d41563041d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4a2d8895be9bf8371fb806745027923436529e2784e4e09ba82c7c02d5682d
3f850b873a6a2db355fec9fbaaa13b585498b128c72f877ef0a75f3f1749b089
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4224179aeb31a2473314c4a3741d0c8ef6ab1f112be04aa9b777ace80759f7b9
42659e10606682c6ced7d1c1a7b3fa923e173a60bece08b86acb5f4882111b7b
440dfe3170488271990c0fc096d32ce1b7d0cb36d874ca6dee769247f66c2ac0
44c61df2e983d2ed1669f0d9552bd3ebe0c9aec437821914516ee5affa7c5d45
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
478d7db2012e97743162bb73dab95c045e3533bade97a2c0b0f435c2ebbeebe8
48130b5f7a50716493bc3fffdf9e26bf2dedfecf7f81af4edf7993b13dbfc057
48a02185aafbbaf6ad351fd0ee1092ec9ec9329ba209a688394196b78de93fb7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
498361d0a38611040aa7bb7cf867625f72edf253a09c7a81cb047b9bbe2c1d75
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4a7a659a1b8a811f331f5b6fd5d0eed07a4ce6d43adbf7be275edeb526553b7a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502ce491f9981b7e125f4eb591c25f78e16a759cf52d4726d26eae2b57fdef9c
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
51a08d115648f141f45b015c0513e05d053b7d27b70c09c611dc3ef339e95bae
522d33efcc61e39de38c61930d72f4d7352fb72b03b8641f0886d149b7a57b2c
523a160b94aa60d4440a0f0cfcab996ea5af037a3be307f6a05c2f8d56ec7dc8
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5756f0c3ffdb3158a395092934f42c6b5aadc1045553ca68fe6ad29eac76d53f
578bc63c2a2b28a1b7046d040e28a95209006bde769a751f80809a2a5b6cb73b
5c5f0a61fbd5ffbf05e1585883a4c1264f396517cf5dc46a68bb0529230ae499
5d95b5088265f50a8f40fc6cd0faa5325c29bebe87fe81a85f969c23b278e3f7
5e366d7645d927d35d78aabdea884608aa387397bded98bc84446bf79f0779e6
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
62540d81799b4261375998f041dbdbbcfd24c933254f3d9adf398aaef892ecc5
6336fa3a0c832786cd21ffbc62e9ce2124cb81a94aaef7ee0cd26e7457c7c483
63db600caaa5335f3270ba4ea9169793c61c827299e3d5b82521ae98d3f76cc0
65e46732d0930db4f321ac805a0838672ce0345e7590a32b66c6ef879fd65147
66091c1deeccf7f2db2111482913c4034b8d961aa16107928a3d7e534ef6f7b8
66732ac5ea743b7c5041ea968062eb32ade9edd4d26dc934388b4f0f222c8a75
69bc6a7d93e0fb524d0872c1be88834c14147d5ae7da3c71fdeb7574359ea9ae
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0
6c08f9e0842df5d56fbf57b1b606d35a70ad354f3b57b6066635082452b3ac90
6edbf7efa384a9d4f15b08d8c9bab7b156db2f24a1849f34d6551a53ce1fd5c9
6f30512918099b651f305fa9c9c508b9e10ba105f0e89d8ad6af79c19bea1a4e
6fbaf2336408c342199cb374b13009e6b7f5d51f8b3fc4d6737eb091b4316b18
704f059368f40ccce9f9cdb4f069e9cee17a6a12d4900f2391e5ac2ac7e8ddbe
7064d6d5294ef022f43efc7ff3123f4564e2c6919382895478efd2d37b702f23
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
726aa459952b3019a13f4a978d8d21f5c15079037f5fadc1f19c274a72c836e3
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
738bbcb7d8a22cf89eaee4e1374d580261636592306b0d4dc6207579d7461191
74bd1035789f07555db58f77ce20270fecc59b5b95077d69007eb0b9129af304
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
75aa6f0781c8f5618e8a69b331289c3d6ca7586af8e43f54d1552e019b31158e
762ddcc06aebec529c7b40412fa4a0348c6146ba2771aaacdace42808cf4291a
7862958bb677f3951d21f8c0f30011b4e3fe2a3a63fbbbe5bbe322be6da77e61
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7c3268909cac296c2ddd0fe17f4c92c4eabcdce66304365c02a99249e113fdf3
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7e4193f8872ce1bad107c97d3be646cafa57dc5f4550956b9dee9f2abccf0a96
7e7700d723eb2a42daa71ecd0cbcef8d16d0d781e4264fd5c7fed750974c7bea
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82061d5aac200e4ae6e6beca7e5361b0971f08d848febb283e8e18e62f3383a2
8284038fcb9666bd9258d31b8d762d2728cc1a565d30f6f71ed9e32d3e57d891
82b2a5dd0d329ca91154723f9be612f4c64484c609a8da5f245ebba5fae353fe
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
8479a2a5baec01229ce6a83865dfc0adc4f0162c2ed56478bef0364ec4e1f532
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
851cbda87275cc4272b1b2d7f49e096e000e43c1a5be4fc5f0a06df445142309
8660d516b35299322e019a52264dd8fea9931f1123a9c09699c867009cae5ec9
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87204cd5b04dc1df83e6221733cd2d2498bff10ff6c093581e169b4c5ab0606b
89b70d3b42eeb21714ce9cd514bd659a16f36c8d46732e0c691e3607301ef903
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
8c5a33eaec1f774cc6795ae95883441e2b5a34794d5a7ac2780e3fd7e55a0544
8d79442c6c72e38b05fea7118f18b1d3c6b5c5f1749c38ee8c01b175b73f1593
8d9e99ad2464f164ee445ac909a6fbcc2262c5996bfd8c0fc2f24b65f4b28800
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fad62c2703536d0f448f9d2f4ee777e96abce886a51dde5eb2e8f3ca0c71b75
8fc3f5c6ae75700026ae34a5f17d10c0814ff5703357e4e36fc7d29ff2abbb67
8feb88d54326d8b62ded416cc77970ca3939ef3c293e14d45cce83ef1d965783
90289c6d94b3c76fd75b007bac8dd60c0ea32cc1fdc8515652237f37da52982b
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
95c832d87d667c2fffc317d8723616f857790b346aa0b493d37cb9bd6d145cdd
96b7f252046129093d30fb3c2a3ab919c7ddf3104101bb880fa0e3729fe7ef15
96c90469c81580e5d4a34b63d5d19b633c80ffabcaa3621c0b0251ead1ccdef5
974eb8ae30d7f16b36951d2587ee3e0b7d5f1c7fe3dddcf404379c019882faad
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98cc3db651935ef90a59bb4cfc7092a3789e07e8f72f60204ec04a633d188d3e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dd39b67060ccd4faed4422ae02c521ff52c564c9dd9cd21ab1dec0ec46e906e
9f7514fc64cd9811b18074e9b763cf7ee8cef0d788a5276fe35fc3e4055fd70a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a09bd89b87d2bd81605ca782ebae0be305c86773542f899170a57a78b0e19cc9
a1722eeffde51afb539ffbfe845f1d17edd91be02d351a35c02add120d3a302f
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a2db6fe3b00487f7179554094a5ba066752fbfd1fd23d5ee85c79f092a626938
a2ff12e2ffa635241c11f9e2f97ba6cff84bc883fc790687a71532df39267d41
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a763d5f2f92cc0397ae006353d9ce89b360a076d6d5da7bfab268441798e3c77
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aae46588e22c3f48aba79a31219636b6ba9f4797b400f3e78f35e75b353607c8
aaf6cd6b0a06166fdca3a5bf8dbbfe08dc2418c7b3bc4594c16bd5b2bbe3764a
adc556b78f2b5fdbaaeef7094c3f9908f4eace63abb74d182cc925669750b5fa
adcc812e959337ea806767e296146eae68f9abbb9f196cdb732626bb943a1c27
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
b0bcb9d0b9aec08cf95a638e8f7fa24ac816a914681cab567d4718e6af416616
b0bdc4ea3797c3398da386f0c0c9a757b87db2d20e06077367251114d140fbee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d77ba56a8929ba032798cc5c16af6a4c3bf5ecbcd8549bb32fdcf479e121ae
b29e8a241dc0649fceba0471c96e9f51612f6278bb7e55be034addc3bd2b4513
b2f57c78ba7eececc4ac24f3dad2e03275a8730e6b029598bc8f6059e9beb55f
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b6c14f344cefb2ce04797ff6fab068e04af8116dfda7c1fa69aebab24508fe2c
b6c79b5559654c57bb181aebc74a4687abf0d9f5e64fd75ddaf9b612ee829e7a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9e81999967e8bfe66b3337896a3401cc0ed306c99243b4924207df749a012e
bc9f54667cab537f42eb9d56b08586984371c288fe5b19ef31326a089893636b
bcbdd7d7e74de830df279c0d2483873aa056f06c6991b6a7201af89b0c9195ea
be6df29fec7557868e70308f8e4c492a8e941e0c44b6f88ce6176021b1ea257c
bea62015bf6a41d5e8d0dd77fdb6be95b7027a157fce018a452194afd6073b47
beec51606224f8fcc9f2cd7f9ce7da689352c54d81696a83ff950e3599860e34
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf8ec973584d478fc474c5ff2d336b0c1f5d56868a582e85fc90114dab8d29f0
bfdca37fe8dacc889872f1808296a5e3491ab77289d73c07a67361cb9f423ac4
c0a177730664a02710981330dacbe32e843153f32945016aa1e7b377ed4f9819
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
c1f0a9315cfbe281ecec4e262b8da3420fb5201c22b749930880eed590b9e7bf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2215854f8c60c26080b0ecac5547a785dcb4c781c46f7e9dd790f111fe4e2fa
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c5334a514e2e8d6d1cc3f53117911766a8c1519071edb4008cb6993aecb73136
c5445c33b24fb5f119a759d89aae37970fbfe7e8689d63e3483549eaef0139ae
c553b9905b4f3e780c458c3d71ad585ab5048a217d5c9bc2d06d28010863f182
c65e3d305c9257e8a5719bbf2145c63ff5778931b031699eacb6893d2a2524b5
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c75c9c3a9a39e3d2ee396b7cf82ea03e81831e0b6469a4c5081a5be77046f8de
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb426d3cb4dc8a075beeab04a88e787aa9d5defa292d52df4f814a3441f44813
cbbb94fc3e4ec8c15701ce42f592ec52388864b324086e8c541792c9d0df5bc6
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
cd090578f949988d88531c0c98339766364ed6cdcfd7bca0d49905c44e56a260
ce74a00f821f7f857fd92a73485b1dc5fa7373c61ea04cf37c42921421d25ea3
cea86d756a89b9f2f042c1cb0b881e2793dd1121737dc211f752e56cb988c7cc
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d14ed8784f0156609b24ed5cf2e753778fa514522b74bcf482e945f93dc3649a
d2c00663067fe7d7a1338308cd6b305fc3ceba58e3cd89066924824d793fbfc9
d3534d2e3f9e77a667106416716da4f605ea3f1a3180a13d90d89622e96f9ffa
d3fd0d32cf1665a7522326927a6887aeccbdadb3c86261cf59ae5ae480c27885
d5e1b4b1df9b4fb4b4ba9cb1866789e3869004cdc8a624fc016e56139193a341
d708d6c0dc63199b60c859d18b67ca31990f854c8b70c745bc06a1a951c1ac56
d759b229df277a372ecc833c0e5fe07ea087e7401077b7b8c5243d1849d7980d
d81ecdfd770abb03106fc5106e92380e2ee6dc602ffdd25f3d6e2e622fdf5a10
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db20b4846e1b03778300d634e1a0a14cf4627c5a9baeca0a2032bff4a151e5ae
dce3c9d8381c0fd04a5f180c1fcf818b9c10bdb21c8383ee03c25969ebc75781
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde4edf8dc06e4c94cc42039e1dcef86bfc3114f550b9c6e6dcf3430a748990c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de54e276416ce8f87e85d777885d28318878c90642caf63ea245eb603e668ef9
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e068571b2061f8906fbfc52b33f7cc1a519a5f8322a3b6db7591ed4611486006
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e1b1d09e3cad033741bdeb24f33f0e5e41720e514e26b948dd39adb93e94f04e
e25463f998d8185abfd114fc94abb218682898b619c3d3721adf375ffb95b162
e258c1e6a4cd7231667857b35525e8349b4ad8dc54f1faa3a33e00ec353292f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4bf13a82e2f59235a6e2836287239284d3644ce8f3728286a7b89e64ae79ad3
e677777de8b8e8c50487abe6e0605f67605f5bb77e2c272d90280da1e1876dbd
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8d21a156633e25656595a2817a51b442d3aa17e8ba009ac607df0b5aec81d19
e9723eb6a9705346630fe4eac739c8af6eca11ae57393d45c95bce048231427d
eb9f3c8f61e873840a819fefcb721b6760e86604c1c536d9bafcc2525dad38ae
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eead96b8fdc985531b5713ce6cf044b1c4a17d17b5a51d80a19a85bff39e681a
eed684f280f990b072c6578a25b58f40da97c72120c8863ca5e21991a7ab1067
eeda1288012c465162652482a690362feca4ac37f9106996abf06d0f7410ad44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28e998e72341f6e22102995edbda874f24f6c454ef90c4055d05c4643d45e2a
f3b17f9af560b005fba3b568590792d952f2bd4a9e5cfe0357b0ecdd545ca16c
f5de908ba97e78d441fc38fc0e381f4b06f411a0ff4446f4802d07ea8d2109dc
f6ed21be96371419bc5e56e69f17da9f20ae40ccee6018e29f33eb4dd1c89a36
f724988664f7ff40306c2ae90a9e2b74521fbf937dce65fbc4ad9964008cb083
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fc879f7a4d472f200dbb8e372b6e7e22af97fcc29deedf9fc439e0f1b5959e56
fde3958fc7b3011078e5ee89f3eadb030b67d8c4592204641fb8d2063bf1ec2c
fea6457068b0f1ca04d4da2b83244d4bb6584345be8f9a97ca8f1b253cfd25a1
fedda7bf85704daade6f452eff1d6394ae75b87a5fdf7f5f7513962a41ece630