privategirlses.com Open in urlscan Pro
2606:4700:3036::6815:38f6  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://loveme.uno/EUNJI HTTP 301
   https://loveme.uno/EUNJI HTTP 301
   https://loveme.uno/EUNJI/ Page URL
   
2. https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• http://loveme.uno/EUNJI HTTP 301
• https://loveme.uno/EUNJI HTTP 301
• https://loveme.uno/EUNJI/

Request Chain 14

• https://pixel.onaudience.com/?partner=137085098&mapped=6D001645187506B14AAF70A584EFB41B HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://pixel.onaudience.com/?partner=147&mapped=4ce54243-02e9-49fc-bd5b-14da3085a098&icm HTTP 302
• https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
• https://pixel.onaudience.com/?partner=161&icm&cver&mapped=58ca76bb4c320157006ccde89277bee3 HTTP 302
• https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
• https://pixel.onaudience.com/?partner=104&icm&cver&mapped=766a9c6247c57564201d6cf4d9c95c34 HTTP 302
• https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
• https://tags.bluekai.com/site/33141?&id=adff743f72562c05

Request Chain 23

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://sync.sharethis.com/ttd?uid=4ce54243-02e9-49fc-bd5b-14da3085a098&gdpr=0&gdpr_consent=

Request Chain 24

• https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
• https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
• https://sync.sharethis.com/nlsn?uid=58ca76bb4c320157006ccde89277bee3

Request Chain 25

• https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
• https://sync.sharethis.com/eyeota?uid=2CTFEpcYV3UZ8G1lVFxL-oJkxScv6GCpugmROgAFgb-U&gdpr=0&gdpr_consent=

Request Chain 26

• https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGYAAWIPkbIAAAAJR7rCAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
• https://idsync.rlcdn.com/395886.gif?partner_uid=3625226498879783012 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNTIyNjQ5ODg3OTc4MzAxMhAAGg0IsqO-kAYSBQjoBxAAQgBKAA HTTP 307
• https://ml314.com/csync.ashx?fp=51c661d82a5796638aac544ab62def586269982cc50519aa99eb5f46bb680c30f4cb09cee1a4f8eb&person_id=3625226498879783012&eid=50082

Request Chain 27

• https://tags.bluekai.com/site/59574?id=ZGYAAWIPkbIAAAAJR7rCAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
• https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 31

• https://ap.lijit.com/readerinfo/v2 HTTP 307
• https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 32

• https://ap.lijit.com/readerinfo/v2 HTTP 307
• https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 33

• https://ap.lijit.com/readerinfo/v2 HTTP 307
• https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 34

• https://um.simpli.fi/lj_match?r=95108 HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=BC56310CBD5B4BAA8BEF1EC70AEE8758

Request Chain 35

• https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=953358ad7ce249d9ff4568b7 HTTP 303
• https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=953358ad7ce249d9ff4568b7&_li_chk=true&previous_uuid=339c58c6561c4473990ea2fc63f8759b HTTP 303
• https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

Request Chain 37

• https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=875d43b0fb429b5fdb6fa3c3 HTTP 303
• https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=875d43b0fb429b5fdb6fa3c3&_li_chk=true&previous_uuid=f986d033182e4b0b8467feb9931f7a3f HTTP 303
• https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=875d43b0fb429b5fdb6fa3c3

Request Chain 38

• https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=875d43b0fb429b5fdb6fa3c3&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=46366 HTTP 302
• https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=875d43b0fb429b5fdb6fa3c3&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=46366&_expected_cookie=bcd06e6cbacebfc8d87fcc7219b0d1ed HTTP 302
• https://ce.lijit.com/merge?pid=5014&3pid=bcd06e6cbacebfc8d87fcc7219b0d1ed

Request Chain 41

• https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=1QSUTGIPkbMZNW1bHh5%2FoA%3D%3D&us_privacy=&33random=1645187507152.1&cat=33across HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mmg2SGhpY0kySm9yNXpHVlVXdV9FWl91RTV0cVdIY09wUUN2bEZjdjN1dEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mmg2SGhpY0kySm9yNXpHVlVXdV9FWl91RTV0cVdIY09wUUN2bEZjdjN1dEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEL_fHZOMCkSIPy8OmRkvJ8Q&google_cver=1

Request Chain 43

• https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=1QSUTGIPkbMZNW1bHh5%2FoA%3D%3D&us_privacy=&33random=1645187507152.4&cat=33across HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
• https://ps.eyeota.net/match?uid=4ce54243-02e9-49fc-bd5b-14da3085a098&bid=1e2n4ou

Request Chain 54

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
• https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=4ce54243-02e9-49fc-bd5b-14da3085a098/gdpr=0/gdpr_consent=

Request Chain 56

• https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=766a9c6247c57564201d6cf4d9c95c34&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=766a9c6247c57564201d6cf4d9c95c34&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b781acaf-9529-4e14-b47e-f9e41e3ac93e%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253Db781acaf-9529-4e14-b47e-f9e41e3ac93e&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4ce54243-02e9-49fc-bd5b-14da3085a098&ttd_puid=b781acaf-9529-4e14-b47e-f9e41e3ac93e%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3Db781acaf-9529-4e14-b47e-f9e41e3ac93e HTTP 302
• https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b781acaf-9529-4e14-b47e-f9e41e3ac93e

Request Chain 57

• https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
• https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=e587941812482808bb1f7aae872fd858

Request Chain 61

• https://aorta.clickagy.com/pixel.gif?ch=120&cm=766a9c6247c57564201d6cf4d9c95c34 HTTP 302
• https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
• https://pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=79825357-5ba4-41a3-b8ff-76cb7e263c42-620f91b4-4341 HTTP 302
• https://idsync.rlcdn.com/420246.gif?partner_uid=c:a643638e815cf4bb0d313e32e48c12ab HTTP 307
• https://aorta.clickagy.com/pixel.gif?ch=114&cm=eab6cc935b2fa5ccb66d603e55197a1d0c58a98af71a053b78411ca6507410cf25abae5358c0e7bc

Request Chain 62

• https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=766a9c6247c57564201d6cf4d9c95c34 HTTP 302
• https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=766a9c6247c57564201d6cf4d9c95c34

Request Chain 63

• https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 HTTP 302
• https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=163850504066007452945&gdpr=0&gdpr_consent=

Request Chain 65

• https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
• https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-307aae03-5620-40e6-6257-2150696099a5$ip$149.56.153.183

Request Chain 66

• https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
• https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
• https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=1c8a3184-4fe4-4d96-9c8e-ab6ef1041d08

Request Chain 67

• https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__ HTTP 302
• https://cm.adgrx.com/bridge.gif?AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__ HTTP 302
• https://sync.crwdcntrl.net/map/c=363/tp=ADGR/tpid=bd982df6-90b6-11ec-a21c-79fe14d027ac

Request Chain 69

• https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
• https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
• https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=4c0b18ac-291a-48e4-930a-1a3b0bc453db-620f91b4-4341/gdpr=0

Request Chain 71

• https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=Yg_RtAAHIvxmyQBB HTTP 302
• https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Yg_RtAAHIvxmyQBB/gdpr=0&_test=Yg_RtAAHIvxmyQBB

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response loveme.uno/EUNJI/ Redirect Chain http://loveme.uno/EUNJI https://loveme.uno/EUNJI https://loveme.uno/EUNJI/	2 KB 1 KB	114ms 113ms	Document text/html	2606:4700:3037::6815:cf1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loveme.uno/EUNJI/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:cf1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.27 Resource Hash e6b47b8435ab8d7872f56d6e32884ef504920d71db5451f15faf81460b0a6ce1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers date Fri, 18 Feb 2022 12:31:46 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.4.27 vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbCN4FLdoAVfT4TZUP2yAU71FE977uP%2BFiH75Jii2ZZO3uX2ZZygw26PvIORT26TAGPXYIq9vMQfPvVpY2ZZ8RObE0n06zvl37%2BRY7qmc7J%2F7VnsfmS9oM6f0sL86%2FRxRzOculRLqsAc"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6df74639fdef7133-YUL content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers date Fri, 18 Feb 2022 12:31:46 GMT content-type text/html location https://loveme.uno/EUNJI/ x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enZ3oZHSMvGK44Tslm0vUJnVp%2B4p3l8fkd%2FLDgdUSjtxJHnVZ7Y05GDD4hyju3Org97wwCFLNPrxn0MgnyjtNT1zsfHRGe%2BaueN9D62OOekTZHZBT5%2BgLtXgg0zBEWj%2FYBzbsHtFjpcM"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6df746394d477133-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	love.gif fuckboox.xyz/	150 KB 151 KB	47ms 21ms	Image image/gif	2606:4700:3031::6815:55a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fuckboox.xyz/love.gif Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:55a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e02626e6136c11d2ddb9b4a4cf94faa7853f7c6f3ed644ff9bcfae6f4912666 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:46 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2580 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 153467 last-modified Tue, 11 Jan 2022 13:45:21 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPCdZZyHAm8lCh0FSGEMTcwU%2F3OSqe4xtBPfiv68NtwQLHZdRucnvrjdaA7KITBtYIiVluh1uDovhq%2BsrGcwKGUVmCJw7KCFOUBP85oXfrXCjJCkRnxYpWulTg0JPXkSdUT4imdmjavKtd4%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6df7463af82becfe-YUL expires Fri, 25 Feb 2022 11:48:46 GMT
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 4 KB	31ms 10ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:21:50 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cdn-pop-ip 137.74.122.0/26 etag "-375139978" x-cacheable Matched cache content-type text/javascript x-cdn-pop bhs accept-ranges bytes content-length 4364 x-request-id 204703507
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	376 B 511 B	32ms 9ms	Script text/html	192.99.0.58 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4570005&@f16&@g1&@h1&@i1&@j1645187506404&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:195786400&@b3:1645187506&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Floveme.uno%2FEUNJI%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.0.58 , Canada, ASN16276 (OVH, FR), Reverse DNS ns500326.ip-192-99-0.net Software / Resource Hash 892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:46 GMT Connection close Content-Length 376 Content-Type text/html;charset=UTF-8
GET H/1.1	200 OK	/ Show response e.dtscout.com/e/	9 KB 10 KB	54ms 19ms	Script application/javascript	158.69.139.225 OVH
General Check archive.org Show headers Download Go to Full URL https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Requested by Host: s4.histats.com URL: https://s4.histats.com/stats/0.php?4570005&@f16&@g1&@h1&@i1&@j1645187506404&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:195786400&@b3:1645187506&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Floveme.uno%2FEUNJI%2F&@w Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip225.ip-158-69-139.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 29db8bde4e542de78544b0648ed23ec392d19fe4e364c1dca8b5502dc8ccfa5d Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:46 GMT X-T 0.811 Server nginx/1.10.3 (Ubuntu) Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection close X-S mtl1 Expires Fri, 18 Feb 2022 12:31:45 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/idg/ Frame 79F9	1 KB 755 B	42ms 9ms	Document text/html	158.69.139.230 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=6D001645187506B14AAF70A584EFB41B Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.230 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip230.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 060235a14e7836d800c3e71e69ba366b2fc6ecde072af93fa9bff5d93c47fefe Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ Response headers Server nginx/1.14.0 (Ubuntu) Date Fri, 18 Feb 2022 12:31:46 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Expires Fri, 18 Feb 2022 12:31:45 GMT Cache-Control no-cache Content-Encoding gzip
GET H2	200	tag.min.js Show response get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/	30 KB 10 KB	59ms 19ms	Script text/javascript	99.84.125.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.125.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-125-89.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-amz-version-id BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY content-encoding gzip last-modified Thu, 03 Jun 2021 13:27:46 GMT server AmazonS3 age 15187 etag W/"a1c6ef0f57fd5dc66dd46feb78238adf" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 75e33350c9c4e8f80789197bf361fe12.cloudfront.net (CloudFront) cache-control max-age=86400 date Fri, 18 Feb 2022 08:18:40 GMT x-amz-cf-pop EWR52-C3 x-amz-cf-id dtUtobuo7g4XCIyELez8y-FkFrHgVMFOX1lxXSOcj9kuGzodM5jrQw==
GET H/1.1	200 OK	dtscout Show response pd.sharethis.com/pd/	2 KB 3 KB	149ms 35ms	Script application/javascript	3.140.12.176 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pd.sharethis.com/pd/dtscout Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.140.12.176 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-140-12-176.us-east-2.compute.amazonaws.com Software / Resource Hash e5686d1003bec84dcddff40fbd1df4a70f01092a96771026a3f91a64f905e0d7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:46 GMT Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 2273 Strict-Transport-Security max-age=63072000; includeSubDomains; Content-Type application/javascript
GET H2	200	afwu.js Show response cdn.tynt.com/	10 KB 4 KB	85ms 25ms	Script application/javascript	104.18.28.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/afwu.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:46 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 27 Aug 2021 20:58:45 GMT server cloudflare age 55881 etag W/"61295205-288b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 6df7463c18eeca94-YYZ expires Mon, 21 Feb 2022 12:31:46 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/pv/	50 B 317 B	42ms 10ms	Script application/javascript	158.69.139.230 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=loveme.uno&_ss=3qerhkyfql&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=7e22&_cb=_dtspv.c Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.230 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip230.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 2cfd77a5dc1c457726c9b3c768a72da494aecff4b11c96ae85b546dafe22dcf5 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:46 GMT X-T 0.16 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Fri, 18 Feb 2022 12:31:45 GMT
GET H2	200	lt.min.js Show response tags.crwdcntrl.net/lt/c/3825/	43 KB 14 KB	58ms 18ms	Script text/javascript	99.84.42.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.42.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-42-105.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Fri, 18 Feb 2022 05:20:17 GMT content-encoding gzip last-modified Mon, 10 Jan 2022 15:33:32 GMT server AmazonS3 age 25890 etag W/"e8e52baa0cf6ccb764f317323674bacd" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop EWR52-C4 x-amz-cf-id sSES0Sl6krU42ZQ1Kw4H80VcT4oFioIouxv_gm9I5kAdfTgifRTabQ==
GET H/1.1	200 OK	/ Show response t.dtscdn.com/widget/	0 407 B	119ms 20ms	Script application/javascript	138.197.56.196 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://t.dtscdn.com/widget/?d=6D001645187506B14AAF70A584EFB41B&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Floveme.uno%2FEUNJI%2F&r= Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:38:53 GMT X-T 1.27 x-server web13.ny1.dtscdn.com Cache-Control no-cache Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Expires Fri, 18 Feb 2022 12:38:52 GMT
GET H2	200	e Show response a.dtssrv.com/	21 B 657 B	77ms 42ms	XHR application/json	2606:4700:3032::ac43:dc33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.dtssrv.com/e?i=6D001645187506B14AAF70A584EFB41B Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15d579d52e0603af4bc8bffce2162c9441be88562b259de4e5ed1623872b90a1 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:46 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3K5Z5Ox70ydD%2BdCLacu6Cq51LmeSER5H45uMuPegC9V2sLXUGLhl0i4qhd7Kebn7yjWnXd7T%2F4c15mApZ2ioc1HHoF7qAz3PXMuS%2F6543LduZ2UAbBKxzanMkCNy1ZgGGQwpqXLZobGObQo%3D"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://loveme.uno cache-control s-maxage=0 access-control-allow-credentials true cf-ray 6df7463c5bd94bd0-YUL expires Fri, 18 Feb 2022 14:31:46 GMT
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 425 B	140ms 83ms	Image image/gif	23.3.124.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=6D001645187506B14AAF70A584EFB41B&ret=html&phint=__bk_l%3Dhttps%3A%2F%2Floveme.uno%2FEUNJI%2F&r=10105760 Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.3.124.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-3-124-133.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Feb 2022 12:31:46 GMT P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 62 BK-Server b4e3 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H/1.1	200 OK	33141 tags.bluekai.com/site/ Redirect Chain https://pixel.onaudience.com/?partner=137085098&mapped=6D001645187506B14AAF70A584EFB41B https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 https://pixel.onaudience.com/?partner=147&mapped=4ce54243-02e9-49fc-bd5b-14da3085a098&icm https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 https://pixel.onaudience.com/?partner=161&icm&cver&mapped=58ca76bb4c320157006ccde89277bee3 https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D https://pixel.onaudience.com/?partner=104&icm&cver&mapped=766a9c6247c57564201d6cf4d9c95c34 https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m https://tags.bluekai.com/site/33141?&id=adff743f72562c05	62 B 583 B	114ms 114ms	Image image/gif	23.3.124.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/33141?&id=adff743f72562c05 Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 23.3.124.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-3-124-133.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 Content-Type image/gif Redirect headers location https://tags.bluekai.com/site/33141?&id=adff743f72562c05 content-length 0
GET H2	200	/ Show response onetag-geo.s-onetag.com/	535 B 949 B	94ms 27ms	Fetch application/json	99.84.125.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.125.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-125-47.ewr52.r.cloudfront.net Software / Resource Hash 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 17 Feb 2022 16:13:41 GMT via 1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront), 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront) age 73085 x-amzn-requestid ab2ecdfc-7afb-403f-b68e-38c825357823 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop IAD89-P2, EWR52-C3 x-amz-apigw-id NscYcG37CYcFkFA= content-length 535 x-amz-cf-id cqkefDsPJKcMiXx-RRoV_y7u4e_WIYb7ttuB_GDx97Ox3R90XkmV3Q==
GET H2	200	p ic.tynt.com/b/	35 B 523 B	548ms 33ms	Image image/gif	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1645187506589&dn=AFWU&iso=0&t=loveme.uno Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/EUNJI/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:47 GMT last-modified Fri, 16 Apr 2010 15:38:20 GMT server nginx/1.16.1 etag "4bc8846c-23" p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" accept-ranges bytes content-type image/gif content-length 35 expires "Sat, 26 Jul 1997 05:00:00 GMT"
GET H/1.1	200 OK	t.dhj Show response t.sharethis.com/1/d/	2 KB 2 KB	86ms 18ms	Script application/javascript	23.217.18.225 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.13886510047896095&stid=ZGYAAWIPkbIAAAAJR7rCAw%3D%3D Requested by Host: pd.sharethis.com URL: https://pd.sharethis.com/pd/dtscout Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-217-18-225.deploy.static.akamaitechnologies.com Software / Resource Hash 8d287d0384bfc53019031cc8c81656d21080ae95b916cdb8b46aca6d62d0d2cb Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:46 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Type application/javascript Cache-Control private, max-age=3600 Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 1363 Expires Fri, 18 Feb 2022 13:31:46 GMT
GET H/1.1	200 OK	dtscout pd.sharethis.com/pd/	42 B 265 B	36ms 35ms	Image image/gif	3.140.12.176 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Floveme.uno%2FEUNJI%2F&event_source=dtscout&rnd=0.13886510047896095&exptid=ZGYAAWIPkbIAAAAJR7rCAw%3D%3D&fcmp=false Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.140.12.176 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-140-12-176.us-east-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:46 GMT Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 42 Strict-Transport-Security max-age=63072000; includeSubDomains; Content-Type image/gif
GET H/1.1	200 OK	t_.htm Show response t.sharethis.com/a/ Frame 08D9	2 KB 1 KB	19ms 19ms	Document text/html	23.217.18.225 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/a/t_.htm?ver=1.858.22942&cid=c010&cls=C Requested by Host: t.sharethis.com URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.13886510047896095&stid=ZGYAAWIPkbIAAAAJR7rCAw%3D%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-217-18-225.deploy.static.akamaitechnologies.com Software / Resource Hash ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ Response headers Content-Length 1160 Cache-Control max-age=604800 Expires Fri, 25 Feb 2022 12:31:46 GMT Date Fri, 18 Feb 2022 12:31:46 GMT Connection keep-alive Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Encoding gzip Content-Type text/html X-Robots-Tag noindex, nofollow
GET H2	200	EU Show response onetag-geo-grouping.s-onetag.com/regionalbloc/	1 KB 832 B	87ms 27ms	Fetch application/json	52.85.61.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.61.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-61-75.ewr53.r.cloudfront.net Software restify / Resource Hash 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 09:40:13 GMT content-encoding gzip server restify age 10293 vary Accept-Encoding,origin x-cache Hit from cloudfront content-type application/json access-control-allow-origin https://loveme.uno access-control-expose-headers api-version, content-length, content-md5, content-type, date, request-id, response-time cache-control max-age=86400 x-amz-cf-pop EWR53-P1 x-amz-cf-id hhzcCeOu4Exy8J5kugAvz44DclTkA3mVlGVcL6csMKFmuG8j_Lokag== via 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
GET H/1.1	200 OK	t_.js Show response t.sharethis.com/1.858.22942/a/CA/ Frame 0549	20 KB 9 KB	21ms 20ms	Script text/javascript	23.217.18.225 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1.858.22942/a/CA/t_.js?cid=c010&cls=C Requested by Host: t.sharethis.com URL: https://t.sharethis.com/a/t_.htm?ver=1.858.22942&cid=c010&cls=C Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-217-18-225.deploy.static.akamaitechnologies.com Software / Resource Hash cc9a9c01d98fb85b8535015f624e5647543235631174127a092de3816382b67c Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/a/t_.htm?ver=1.858.22942&cid=c010&cls=C User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:46 GMT Content-Encoding gzip Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Type text/javascript Cache-Control max-age=604800 Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 8750 Expires Fri, 25 Feb 2022 12:31:46 GMT
GET H/1.1	200 OK	test_oracle Show response pd.sharethis.com/pd/ Frame 4F3B	438 B 675 B	36ms 36ms	Script application/javascript	3.140.12.176 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pd.sharethis.com/pd/test_oracle Requested by Host: t.sharethis.com URL: https://t.sharethis.com/a/t_.htm?ver=1.858.22942&cid=c010&cls=C Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.140.12.176 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-140-12-176.us-east-2.compute.amazonaws.com Software / Resource Hash ba9f09d5ce9e1668aa38b3be85fd88b88efc6112e1d7207d3ef4f2b7d751acc0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:46 GMT Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 438 Strict-Transport-Security max-age=63072000; includeSubDomains; Content-Type application/javascript
GET H/1.1	200 OK	ttd sync.sharethis.com/ Frame 0549 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= https://sync.sharethis.com/ttd?uid=4ce54243-02e9-49fc-bd5b-14da3085a098&gdpr=0&gdpr_consent=	42 B 297 B	136ms 35ms	Image image/gif	3.129.242.122 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/ttd?uid=4ce54243-02e9-49fc-bd5b-14da3085a098&gdpr=0&gdpr_consent= Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 3.129.242.122 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-129-242-122.us-east-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive X-Robots-Tag noindex, nofollow Date Fri, 18 Feb 2022 12:31:47 GMT Content-Length 42 Stid ZGYAAWIPkbIAAAAJR7rCAw== Content-Type image/gif Redirect headers pragma no-cache date Fri, 18 Feb 2022 12:31:46 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://sync.sharethis.com/ttd?uid=4ce54243-02e9-49fc-bd5b-14da3085a098&gdpr=0&gdpr_consent= cache-control private,no-cache, must-revalidate content-type text/html content-length 215
GET H/1.1	200 OK	nlsn sync.sharethis.com/ Frame 0549 Redirect Chain https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 https://sync.sharethis.com/nlsn?uid=58ca76bb4c320157006ccde89277bee3	42 B 297 B	59ms 36ms	Image image/gif	3.129.242.122 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/nlsn?uid=58ca76bb4c320157006ccde89277bee3 Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 3.129.242.122 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-129-242-122.us-east-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive X-Robots-Tag noindex, nofollow Date Fri, 18 Feb 2022 12:31:47 GMT Content-Length 42 Stid ZGYAAWIPkbIAAAAJR7rCAw== Content-Type image/gif Redirect headers date Fri, 18 Feb 2022 12:31:47 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://sync.sharethis.com/nlsn?uid=58ca76bb4c320157006ccde89277bee3 cache-control no-cache access-control-allow-credentials true content-type image/gif content-length 0
GET H/1.1	200 OK	eyeota sync.sharethis.com/ Frame 0549 Redirect Chain https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= https://sync.sharethis.com/eyeota?uid=2CTFEpcYV3UZ8G1lVFxL-oJkxScv6GCpugmROgAFgb-U&gdpr=0&gdpr_consent=	42 B 297 B	138ms 34ms	Image image/gif	3.129.242.122 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/eyeota?uid=2CTFEpcYV3UZ8G1lVFxL-oJkxScv6GCpugmROgAFgb-U&gdpr=0&gdpr_consent= Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 3.129.242.122 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-129-242-122.us-east-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive X-Robots-Tag noindex, nofollow Date Fri, 18 Feb 2022 12:31:47 GMT Content-Length 42 Stid ZGYAAWIPkbIAAAAJR7rCAw== Content-Type image/gif Redirect headers Location https://sync.sharethis.com/eyeota?uid=2CTFEpcYV3UZ8G1lVFxL-oJkxScv6GCpugmROgAFgb-U&gdpr=0&gdpr_consent= Date Fri, 18 Feb 2022 12:31:46 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H/1.1	200 OK	csync.ashx ml314.com/ Frame 0549 Redirect Chain https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGYAAWIPkbIAAAAJR7rCAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D https://idsync.rlcdn.com/395886.gif?partner_uid=3625226498879783012 https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNTIyNjQ5ODg3OTc4MzAxMhAAGg0IsqO-kAYSBQjoBxAAQgBKAA https://ml314.com/csync.ashx?fp=51c661d82a5796638aac544ab62def586269982cc50519aa99eb5f46bb680c30f4cb09cee1a4f8eb&person_id=3625226498879783012&eid=50082	43 B 312 B	27ms 27ms	Image image/gif	54.85.224.115 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=51c661d82a5796638aac544ab62def586269982cc50519aa99eb5f46bb680c30f4cb09cee1a4f8eb&person_id=3625226498879783012&eid=50082 Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-85-224-115.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:46 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Sat, 19 Feb 2022 07:31:47 GMT Redirect headers date Fri, 18 Feb 2022 12:31:47 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ml314.com/csync.ashx?fp=51c661d82a5796638aac544ab62def586269982cc50519aa99eb5f46bb680c30f4cb09cee1a4f8eb&person_id=3625226498879783012&eid=50082 cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	oracle sync.sharethis.com/ Frame 0549 Redirect Chain https://tags.bluekai.com/site/59574?id=ZGYAAWIPkbIAAAAJR7rCAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957	42 B 297 B	145ms 35ms	Image image/gif	3.129.242.122 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957 Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 3.129.242.122 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-129-242-122.us-east-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive X-Robots-Tag noindex, nofollow Date Fri, 18 Feb 2022 12:31:47 GMT Content-Length 42 Stid ZGYAAWIPkbIAAAAJR7rCAw== Content-Type image/gif Redirect headers Location https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957 Date Fri, 18 Feb 2022 12:31:46 GMT Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	200 OK	bk-coretag.js Show response tags.bkrtx.com/js/ Frame 4F3B	51 KB 16 KB	240ms 20ms	Script application/javascript	104.106.225.66 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.bkrtx.com/js/bk-coretag.js Requested by Host: pd.sharethis.com URL: https://pd.sharethis.com/pd/test_oracle Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.106.225.66 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-106-225-66.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Last-Modified Fri, 21 May 2021 19:14:21 GMT Server nginx/1.15.8 ETag W/"60a8068d-cbc2" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=604800 Date Fri, 18 Feb 2022 12:31:47 GMT Connection keep-alive Content-Length 16078 Expires Fri, 25 Feb 2022 12:31:47 GMT
GET H2	200	dataBeacons.min.js Show response data-beacons.s-onetag.com/	6 KB 2 KB	91ms 17ms	Script text/javascript	54.230.162.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://data-beacons.s-onetag.com/dataBeacons.min.js Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.162.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-162-76.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash 31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-amz-version-id syrhL4HxyQ94RzTlcl0y8HYCMGvvMWLr content-encoding gzip last-modified Wed, 07 Jul 2021 16:31:37 GMT server AmazonS3 age 182 etag W/"5ff42869b876a4eddafd981cab0b8818" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 2ca278c258e2c9c6a2d0cc60b816bd50.cloudfront.net (CloudFront) cache-control max-age=3600 date Fri, 18 Feb 2022 12:28:44 GMT x-amz-cf-pop EWR53-C3 x-amz-cf-id LVemvGlaRv6OPoBrvVG3dLdyEzyrOoXngIrHpB_eVZmq1FPBong-eg==
GET H2	200	v2 Show response de.tynt.com/deb/	980 B 2 KB	274ms 35ms	Script application/javascript	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r= Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/afwu.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software / Resource Hash ba4db762b5b113799d4f5d5dd237be1a69d1c3f89384018fc5e09a49a03bee9a Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/EUNJI/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:46 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false content-type application/javascript p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" content-length 980 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	v2 Show response ap.lijit.com/readerinfo/ Redirect Chain https://ap.lijit.com/readerinfo/v2 https://ap.lijit.com/readerinfo/v2?sovrn_retry=true	41 B 458 B	55ms 19ms	Fetch application/json	23.92.190.74 INTERNAP-BLK
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software / Resource Hash 4965fd63179bb2baf32bd755a36cc43ca4610c7fe1f91f153ea1c09a89aad48f Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://loveme.uno Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 61 Redirect headers Date Fri, 18 Feb 2022 12:31:47 GMT Access-Control-Allow-Origin https://loveme.uno Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap4ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET H/1.1	200 OK	v2 Show response ap.lijit.com/readerinfo/ Redirect Chain https://ap.lijit.com/readerinfo/v2 https://ap.lijit.com/readerinfo/v2?sovrn_retry=true	41 B 458 B	52ms 18ms	Fetch application/json	23.92.190.74 INTERNAP-BLK
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software / Resource Hash 8bcf5d455e534318571f2eb635d694ec101511771463b4cf67570c3580da1d10 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://loveme.uno Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 61 Redirect headers Date Fri, 18 Feb 2022 12:31:47 GMT Access-Control-Allow-Origin https://loveme.uno Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap4ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET H/1.1	200 OK	v2 Show response ap.lijit.com/readerinfo/ Redirect Chain https://ap.lijit.com/readerinfo/v2 https://ap.lijit.com/readerinfo/v2?sovrn_retry=true	41 B 458 B	57ms 21ms	Fetch application/json	23.92.190.74 INTERNAP-BLK
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software / Resource Hash 8bcf5d455e534318571f2eb635d694ec101511771463b4cf67570c3580da1d10 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://loveme.uno Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 61 Redirect headers Date Fri, 18 Feb 2022 12:31:47 GMT Access-Control-Allow-Origin https://loveme.uno Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap4ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET H/1.1	200 OK	merge ce.lijit.com/ Redirect Chain https://um.simpli.fi/lj_match?r=95108 https://ce.lijit.com/merge?pid=2&3pid=BC56310CBD5B4BAA8BEF1EC70AEE8758	43 B 716 B	60ms 23ms	Image image/gif	23.92.190.69 INTERNAP-BLK
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=BC56310CBD5B4BAA8BEF1EC70AEE8758 Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 23.92.190.69 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software nginx / raptor Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Feb 2022 12:31:47 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap3ewr1 Content-Type image/gif Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers date Fri, 18 Feb 2022 12:31:47 GMT x-content-type-options nosniff server openresty location https://ce.lijit.com/merge?pid=2&3pid=BC56310CBD5B4BAA8BEF1EC70AEE8758 strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Thu, 17 Feb 2022 12:31:47 GMT
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Redirect Chain https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=953358ad7ce249d9ff4568b7 https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=953358ad7ce249d9ff4568b7&_li_chk=true&previous_uuid=339c58c6561c4473990ea2fc63f8759b https://x.bidswitch.net/sync?dsp_id=42&user_id= https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=	43 B 510 B	35ms 35ms	Image image/gif	35.211.178.172 GOOGLE-2
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id= Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US), Reverse DNS 172.178.211.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id= Date Fri, 18 Feb 2022 12:31:47 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H2	204	ProfilesEngineServlet api.intentiq.com/profiles_engine/ Frame 58AC	0 0	78ms 29ms	Document text/plain	52.85.61.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=82063 Requested by Host: data-beacons.s-onetag.com URL: https://data-beacons.s-onetag.com/dataBeacons.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.61.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-61-85.ewr53.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ Response headers date Fri, 18 Feb 2022 12:31:47 GMT server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" x-cache Miss from cloudfront via 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront) x-amz-cf-pop EWR53-P1 x-amz-cf-id eYSReV8olb4idr-YJeVbeSiLPTwJ44nsVpr4TRERsarFKeOdXTqQPg==
GET H/1.1	200 OK	59074 i6.liadm.com/s/ Redirect Chain https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=875d43b0fb429b5fdb6fa3c3 https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=875d43b0fb429b5fdb6fa3c3&_li_chk=true&previous_uuid=f986d033182e4b0b8467feb9931f7a3f https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=875d43b0fb429b5fdb6fa3c3	43 B 419 B	88ms 24ms	Image image/gif	2600:1f18:444a:4602:f850:4eec:7dd:fbc1 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=875d43b0fb429b5fdb6fa3c3 Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 2600:1f18:444a:4602:f850:4eec:7dd:fbc1 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT Cache-Control no-store Connection keep-alive Content-Length 43 Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/gif Redirect headers Location https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=875d43b0fb429b5fdb6fa3c3 Date Fri, 18 Feb 2022 12:31:46 GMT Connection keep-alive Content-Length 0 Strict-Transport-Security max-age=31536000; includeSubDomains
GET H/1.1	200 OK	merge ce.lijit.com/ Redirect Chain https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=875d43b0fb429b5fdb6fa3c3&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra... https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=875d43b0fb429b5fdb6fa3c3&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra... https://ce.lijit.com/merge?pid=5014&3pid=bcd06e6cbacebfc8d87fcc7219b0d1ed	43 B 719 B	54ms 18ms	Image image/gif	23.92.190.69 INTERNAP-BLK
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=5014&3pid=bcd06e6cbacebfc8d87fcc7219b0d1ed Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 23.92.190.69 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software nginx / raptor Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Feb 2022 12:31:47 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap3ewr1 Content-Type image/gif Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers date Fri, 18 Feb 2022 12:31:47 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP='NON DSP COR CONi OUR BUS CNT' location https://ce.lijit.com/merge?pid=5014&3pid=bcd06e6cbacebfc8d87fcc7219b0d1ed cf-ray 6df7463ffc82cac4-YYZ content-length 0
GET H/1.1	200 OK	59574 Show response stags.bluekai.com/site/ Frame 1E9A	62 B 759 B	147ms 81ms	Document image/gif	23.3.124.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGYAAWIPkbIAAAAJR7rCAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.858.22942%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=49382985 Requested by Host: tags.bkrtx.com URL: https://tags.bkrtx.com/js/bk-coretag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.3.124.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-3-124-133.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://t.sharethis.com/ Response headers Content-Type image/gif Content-Length 62 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Date Fri, 18 Feb 2022 12:31:47 GMT Connection keep-alive
GET H2	200	lotame-sync.html Show response cdn-tc.33across.com/ Frame 9F05	343 B 532 B	82ms 25ms	Document text/html	104.18.15.222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-tc.33across.com/lotame-sync.html Requested by Host: de.tynt.com URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.15.222 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/EUNJI/ Response headers date Fri, 18 Feb 2022 12:31:47 GMT content-type text/html last-modified Fri, 27 Aug 2021 20:58:37 GMT vary Accept-Encoding etag W/"612951fd-157" content-encoding gzip cf-cache-status HIT age 65595 expires Mon, 21 Feb 2022 12:31:47 GMT cache-control public, max-age=259200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6df746404cc3547f-YYZ
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=1QSUTGIPkbMZNW1bHh5%2FoA%3D%3D&us_privacy=&33random=1645187507152.1&cat=33across https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mmg2SGhpY0kySm9yNXpHVlVXdV9FWl91RTV0cVdIY09wUUN2bEZjdjN1dEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer... https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mmg2SGhpY0kySm9yNXpHVlVXdV9FWl91RTV0cVdIY09wUUN2bEZjdjN1dEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEL_fHZOMCkSIPy8OmRkvJ8Q&google_cver=1	70 B 440 B	24ms 24ms	Image image/gif	18.214.54.215 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEL_fHZOMCkSIPy8OmRkvJ8Q&google_cver=1 Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 18.214.54.215 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-214-54-215.compute-1.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/EUNJI/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT Content-Type image/gif Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEL_fHZOMCkSIPy8OmRkvJ8Q&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 375 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	z.png spl.zeotap.com/	0 181 B	82ms 46ms	Image text/plain	2606:4700:10::6816:1957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=wu%21&zpbcat=&zcluid=1QSUTGIPkbMZNW1bHh5%2FoA%3D%3D&us_privacy=&ziid=1645187507152.2 Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/EUNJI/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:47 GMT via 1.1 google cf-cache-status MISS server cloudflare cf-ray 6df746401eb94bb9-YUL expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=1QSUTGIPkbMZNW1bHh5%2FoA%3D%3D&us_privacy=&33random=1645187507152.4&cat=33across https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 https://ps.eyeota.net/match?uid=4ce54243-02e9-49fc-bd5b-14da3085a098&bid=1e2n4ou	70 B 440 B	24ms 24ms	Image image/gif	18.214.54.215 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=4ce54243-02e9-49fc-bd5b-14da3085a098&bid=1e2n4ou Requested by Host: loveme.uno URL: https://loveme.uno/EUNJI/ Protocol HTTP/1.1 Server 18.214.54.215 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-214-54-215.compute-1.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/EUNJI/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT Content-Type image/gif Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://ps.eyeota.net/match?uid=4ce54243-02e9-49fc-bd5b-14da3085a098&bid=1e2n4ou cache-control private,no-cache, must-revalidate content-type text/html content-length 191
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16311/ Frame 9F05	23 KB 8 KB	18ms 17ms	Script text/javascript	99.84.42.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16311/sync.min.js Requested by Host: cdn-tc.33across.com URL: https://cdn-tc.33across.com/lotame-sync.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.42.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-42-105.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash 5640e2177d8a24c6aef1d923c981591689205237b9c2fcba5215d10aa7bcf52e Request headers Accept-Language en-CA,en;q=0.9 Referer https://cdn-tc.33across.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Fri, 18 Feb 2022 05:20:16 GMT content-encoding gzip last-modified Tue, 23 Nov 2021 20:35:46 GMT server AmazonS3 age 25892 etag W/"01cacbace375528e9789d3b3ed3804c2" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop EWR52-C4 x-amz-cf-id 5WWkIuW8BRSQUDjCTR_lPO2ySltrCTCsGd2C4TucF1Xd3E_zMI9ezw==
POST H2	200	map Show response bcp.crwdcntrl.net/6/ Frame 9F05	227 B 606 B	114ms 40ms	XHR application/json	34.234.205.108 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.234.205.108 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-205-108.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash ae9ceeb45f2e3258e0f32b7fd4f0d699c21766e1e0387e721c40fefb2de8d0ca Request headers Referer https://cdn-tc.33across.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://cdn-tc.33across.com cache-control no-cache x-server 10.40.8.155 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 227 expires 0
GET H2	200	optimus_rules.json tags.crwdcntrl.net/lt/c/3825/	4 KB 1 KB	55ms 18ms	XHR application/json	99.84.42.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.42.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-42-105.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://loveme.uno/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 18 Feb 2022 11:37:03 GMT content-encoding gzip age 3284 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 10 Jan 2022 15:33:32 GMT server AmazonS3 etag W/"6db43f44304c37d76768275ee4f01ba4" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json via 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop EWR52-C4 x-amz-cf-id Ms_C8Dx9hgdvchElFGBwpYeuav3vMySNPeH-qgCQ0K5DvfvumqGltg==
POST H/1.1	200 OK	/ t.dtscout.com/pv/	0 261 B	27ms 9ms	Ping application/javascript	158.69.139.230 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/ Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.230 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip230.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Referer https://loveme.uno/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryLiFwM6Vv0KISyIz2 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT X-T 0.09 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Fri, 18 Feb 2022 12:31:46 GMT
POST H2	200	metrics connect-metrics-collector.s-onetag.com/	0 73 B	126ms 34ms	Ping text/plain	99.83.181.31 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://connect-metrics-collector.s-onetag.com/metrics Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.181.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0cb5afe0ce76779e.awsglobalaccelerator.com Software / Resource Hash Request headers Referer https://loveme.uno/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 18 Feb 2022 12:31:47 GMT content-length 0 vary Origin
GET H2	200	Primary Request / Show response privategirlses.com/	11 KB 5 KB	493ms 461ms	Document text/html	2606:4700:3036::6815:38f6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:38f6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 964c4c9d780fb13c8989ece1d3c937a2f0b8ca620376a2da5ca39b6b861d36f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ Response headers date Fri, 18 Feb 2022 12:31:48 GMT content-type text/html; charset=utf-8 vary Accept-Encoding cache-control max-age=0, private, must-revalidate cross-origin-window-policy deny x-content-type-options nosniff x-download-options noopen x-permitted-cross-domain-policies none x-xss-protection 1; mode=block cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mc4BeW4ihGueXZnn8L2ql5bJ0xGXU8FfDsqEOKlWAbLb7G3jnp%2FaZFCI9HZZcLwqNYgdLmjuIN5TO%2FARm5CiML%2BccnuMRc1UnOrXE5pQ2thOww3To6GkoNiIzqT1JJIN4hQRXKqhRUZkRB2d99XyaXI%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6df746435cb04bbe-YUL content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	data bcp.crwdcntrl.net/6/	307 B 1 KB	55ms 54ms	XHR application/json	34.234.205.108 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/data Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.234.205.108 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-205-108.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Referer https://loveme.uno/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://loveme.uno cache-control no-cache x-server 10.40.5.70 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 307 expires 0
POST H3	200	a a.dtssrv.com/	0 538 B	68ms 51ms	Ping text/html	2606:4700:3032::ac43:dc33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.dtssrv.com/a?i=6D001645187506B14AAF70A584EFB41B&k=lotpano&v=1f50bb5bb45b6b53384ac79b8f1316d53938e4f34ba03a565947a5bde6f6f4bf Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Floveme.uno%2FEUNJI%2F&j= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Q1v7vlOcqGXf2yyhJDxpVGAHi9SUL3rq08Y4dnVgAKpDpbAF2c1rQdbshYAW3qQGK%2BHr9czzgiTNW17nHLy%2FLCIzZaH0KbdamK2mMIwYj%2BwMi%2B%2Bo92BMOu7NT2WWV5gUv8rju1T8NSajME%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 6df74643fdd97138-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	lt.iframe.html tags.crwdcntrl.net/lt/shared/2/ Frame 0C86	2 KB 1 KB	17ms 17ms	Document text/html	99.84.42.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.42.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-42-105.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://loveme.uno/ Response headers content-type text/html date Fri, 18 Feb 2022 05:20:16 GMT last-modified Mon, 01 Feb 2021 20:35:17 GMT etag W/"6fcf4f5197ab24c92d090f6ac8d87e01" x-amz-server-side-encryption AES256 cache-control max-age: 86400 server AmazonS3 content-encoding gzip vary Accept-Encoding x-cache Hit from cloudfront via 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront) x-amz-cf-pop EWR52-C4 x-amz-cf-id cbiUqap0PSRKjBTfWn2-3OK8lX8TP9HdexnGjvIhoOvU0X2kRqddfQ== age 25892
GET H2	200	pixels bcp.crwdcntrl.net/ Frame 3AE6	4 KB 4 KB	24ms 24ms	Document text/html	34.234.205.108 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.234.205.108 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-205-108.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://tags.crwdcntrl.net/ Response headers date Fri, 18 Feb 2022 12:31:47 GMT content-type text/html content-length 3859 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV cache-control no-cache pragma no-cache expires 0 x-server 10.40.36.58 server Jetty(9.4.38.v20210224)
GET H2	200	/ wt.rqtrk.eu/ Frame 3AE6	43 B 350 B	41ms 10ms	Image image/gif	15.235.42.103 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=103345970&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=766a9c6247c57564201d6cf4d9c95c34 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.235.42.103 , Canada, ASN16276 (OVH, FR), Reverse DNS haproxy-ca-002.roqad.pl Software istio-envoy / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT server istio-envoy p3p CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA" cache-control no-cache,private x-envoy-upstream-service-time 0 content-type image/gif content-length 43 expires Fri, 18 Feb 2022 12:31:46 GMT
GET H2	200	gdpr_consent= sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=4ce54243-02e9-49fc-bd5b-14da3085a098/gdpr=0/ Frame 3AE6 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=4ce54243-02e9-49fc-bd5b-14da3085a098/gdpr=0/gdpr_consent=	49 B 265 B	28ms 28ms	Image image/gif	54.89.1.168 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=4ce54243-02e9-49fc-bd5b-14da3085a098/gdpr=0/gdpr_consent= Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Server 54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-89-1-168.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.39.206 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=4ce54243-02e9-49fc-bd5b-14da3085a098/gdpr=0/gdpr_consent= cache-control private,no-cache, must-revalidate content-type text/html content-length 249
GET H/1.1	200 OK	ltm audex.userreport.com/sync/put/ Frame 3AE6	43 B 433 B	161ms 118ms	Image image/gif	52.85.61.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://audex.userreport.com/sync/put/ltm?ltmid=766a9c6247c57564201d6cf4d9c95c34 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.85.61.93 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-61-93.ewr53.r.cloudfront.net Software nginx/1.18.0 / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT Via 1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront) Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx/1.18.0 X-Amz-Cf-Pop EWR53-P1 X-Cache Miss from cloudfront Content-Type image/gif Connection keep-alive Content-Length 43 X-Amz-Cf-Id oKPvoCuZLHxzB-SV6qMrNhTAuRdlYW3hML-9mNsaQWIqsTBq-qABpA==
GET H2	200	tpid=b781acaf-9529-4e14-b47e-f9e41e3ac93e sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 3AE6 Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=766a9c6247c57564201d6cf4d9c95c34&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp... https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=766a9c6247c57564201d6cf4d9c95c34&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA... https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b781acaf-9529-4e14-b47e-f9e41e3ac93e%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%2... https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4ce54243-02e9-49fc-bd5b-14da3085a098&ttd_puid=b781acaf-9529-4e14-b47e-f9e41e3ac93e%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fm... https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b781acaf-9529-4e14-b47e-f9e41e3ac93e	49 B 265 B	27ms 27ms	Image image/gif	54.89.1.168 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b781acaf-9529-4e14-b47e-f9e41e3ac93e Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Server 54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-89-1-168.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:48 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.42.140 content-type image/gif content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b781acaf-9529-4e14-b47e-f9e41e3ac93e date Fri, 18 Feb 2022 12:31:48 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	200	tpid=e587941812482808bb1f7aae872fd858 sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame 3AE6 Redirect Chain https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=e587941812482808bb1f7aae872fd858	49 B 264 B	28ms 28ms	Image image/gif	54.89.1.168 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=e587941812482808bb1f7aae872fd858 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Server 54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-89-1-168.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:48 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.12.121 content-type image/gif content-length 49 expires 0 Redirect headers date Fri, 18 Feb 2022 12:31:47 GMT x-content-type-options nosniff cf-cache-status DYNAMIC access-control-allow-origin * user-agent Tru Optik DMP 1.3.1 content-length 142 x-xss-protection 1; mode=block pragma no-cache to-dmp-sync s2-dmp-ny2-eqx.truoptik.com server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type text/html location https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=e587941812482808bb1f7aae872fd858 cache-control no-store cf-ray 6df74644ba2f5407-YYZ expires 0
GET		ibs:dpid=121998&dpuuid=766a9c6247c57564201d6cf4d9c95c34&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 dpm.demdex.net/ Frame 3AE6	0 0
GET H/1.1	200 OK	identity c.cintnetworks.com/ Frame 3AE6	0 565 B	177ms 31ms	Image text/plain	40.71.11.141 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:766a9c6247c57564201d6cf4d9c95c34 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:47 GMT Vary Origin P3P CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info." Arr-Disable-Session-Affinity true Cache-Control max-age=60, private, must-revalidate Access-Control-Allow-Credentials true Keep-Alive timeout=5 Content-Length 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 3AE6	0 338 B	122ms 24ms	Image text/plain	3.234.61.23 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=766a9c6247c57564201d6cf4d9c95c34 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.234.61.23 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-234-61-23.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:47 GMT cache-control private, no-cache, no-store x-request-time D=40 t=1645187507 x-served-by beacon-n029-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET		pixel.gif aorta.clickagy.com/ Frame 3AE6 Redirect Chain https://aorta.clickagy.com/pixel.gif?ch=120&cm=766a9c6247c57564201d6cf4d9c95c34 https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D https://pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=79825357-5ba4-41a3-b8ff-76cb7e263c42-620f91b4-4341 https://idsync.rlcdn.com/420246.gif?partner_uid=c:a643638e815cf4bb0d313e32e48c12ab https://aorta.clickagy.com/pixel.gif?ch=114&cm=eab6cc935b2fa5ccb66d603e55197a1d0c58a98af71a053b78411ca6507410cf25abae5358c0e7bc	0 0
GET		image.sbxx ib.mookie1.com/ Frame 3AE6 Redirect Chain https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=766a9c6247c57564201d6cf4d9c95c34 https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=766a9c6247c57564201d6cf4d9c95c34	0 0
GET H2	200	tpid=163850504066007452945&gdpr=0&gdpr_consent= bcp.crwdcntrl.net/5/c=368/tp=NEUS/ Frame 3AE6 Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=163850504066007452945&gdpr=0&gdpr_consent=	49 B 366 B	37ms 37ms	Image image/gif	34.234.205.108 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=163850504066007452945&gdpr=0&gdpr_consent= Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Server 34.234.205.108 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-205-108.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:48 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.32.99 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT via 1.1 f912c5a5865a58aaaad9710240b6d2f2.cloudfront.net (CloudFront) server AAWebServer x-amz-cf-pop EWR52-C2 location https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=163850504066007452945&gdpr=0&gdpr_consent= access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate x-cache Miss from cloudfront access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type x-amz-cf-id Q9pqCNllMcnYN9aBF2yu7gg4HnJznuifKhl5rnUVUraXHMt-sQBuUA== expires 0
GET H/1.1	200 OK	utsync.ashx ml314.com/ Frame 3AE6	43 B 517 B	25ms 25ms	Image image/gif	54.85.224.115 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/utsync.ashx?eid=50146&et=0&fp=766a9c6247c57564201d6cf4d9c95c34&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-85-224-115.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Feb 2022 12:31:47 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Cache-Control private Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0,Sat, 19 Feb 2022 07:31:47 GMT
GET H2	200	tpid=0-307aae03-5620-40e6-6257-2150696099a5$ip$149.56.153.183 bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame 3AE6 Redirect Chain https://sync.srv.stackadapt.com/sync?nid=lotame https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-307aae03-5620-40e6-6257-2150696099a5$ip$149.56.153.183	49 B 264 B	27ms 27ms	Image image/gif	34.234.205.108 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-307aae03-5620-40e6-6257-2150696099a5$ip$149.56.153.183 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Server 34.234.205.108 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-205-108.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:48 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.46.83 content-type image/gif content-length 49 expires 0 Redirect headers Location https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-307aae03-5620-40e6-6257-2150696099a5$ip$149.56.153.183 Date Fri, 18 Feb 2022 12:31:48 GMT Connection keep-alive Content-Length 129 Content-Type text/html; charset=utf-8
GET H2	200	tpid=1c8a3184-4fe4-4d96-9c8e-ab6ef1041d08 bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 3AE6 Redirect Chain https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=1c8a3184-4fe4-4d96-9c8e-ab6ef1041d08	49 B 263 B	28ms 27ms	Image image/gif	34.234.205.108 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=1c8a3184-4fe4-4d96-9c8e-ab6ef1041d08 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Server 34.234.205.108 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-205-108.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:48 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.9.40 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 18 Feb 2022 12:31:48 GMT server Apache-Coyote/1.1 location https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=1c8a3184-4fe4-4d96-9c8e-ab6ef1041d08 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 x-xss-protection 1; mode=block expires 0
GET H2	200	tpid=bd982df6-90b6-11ec-a21c-79fe14d027ac sync.crwdcntrl.net/map/c=363/tp=ADGR/ Frame 3AE6 Redirect Chain https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__ https://cm.adgrx.com/bridge.gif?AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__ https://sync.crwdcntrl.net/map/c=363/tp=ADGR/tpid=bd982df6-90b6-11ec-a21c-79fe14d027ac	49 B 263 B	27ms 27ms	Image image/gif	54.89.1.168 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=363/tp=ADGR/tpid=bd982df6-90b6-11ec-a21c-79fe14d027ac Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Server 54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-89-1-168.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:48 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.4.41 content-type image/gif content-length 49 expires 0 Redirect headers Pragma no-cache Date Fri, 18 Feb 2022 12:31:48 GMT server Cowboy Location https://sync.crwdcntrl.net/map/c=363/tp=ADGR/tpid=bd982df6-90b6-11ec-a21c-79fe14d027ac P3P CP="NOI OTC OTP OUR NOR" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate, proxy-revalidate Connection keep-alive Content-Type image/gif X-RealServer-NX lga-delivery-5 Content-Length 0 Expires Thu, 23 Sep 2004 17:42:04 GMT
GET		img sync.mathtag.com/sync/ Frame 3AE6	0 0
GET H2	200	gdpr=0 sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=4c0b18ac-291a-48e4-930a-1a3b0bc453db-620f91b4-4341/ Frame 3AE6 Redirect Chain https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=4c0b18ac-291a-48e4-930a-1a3b0bc453db-620f91b4-4341/gdpr=0	49 B 264 B	35ms 34ms	Image image/gif	54.89.1.168 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=4c0b18ac-291a-48e4-930a-1a3b0bc453db-620f91b4-4341/gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Server 54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-89-1-168.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:48 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.39.41 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=4c0b18ac-291a-48e4-930a-1a3b0bc453db-620f91b4-4341/gdpr=0 cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H/1.1	204 No Content	token token.rubiconproject.com/ Frame 3AE6	0 675 B	95ms 25ms	Image text/plain	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/token?pid=7&puid=766a9c6247c57564201d6cf4d9c95c34&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 29af2665c43893332e84c235bac366c1 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	gdpr=0&_test=Yg_RtAAHIvxmyQBB sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Yg_RtAAHIvxmyQBB/ Frame 3AE6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=Yg_RtAAHIvxmyQBB https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Yg_RtAAHIvxmyQBB/gdpr=0&_test=Yg_RtAAHIvxmyQBB	49 B 264 B	27ms 27ms	Image image/gif	54.89.1.168 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Yg_RtAAHIvxmyQBB/gdpr=0&_test=Yg_RtAAHIvxmyQBB Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Server 54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-89-1-168.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:48 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.7.206 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 18 Feb 2022 12:31:48 GMT via 1.1 varnish server Varnish x-timer S1645187508.140638,VS0,VE0 x-served-by cache-yul12827-YUL x-cache HIT location https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Yg_RtAAHIvxmyQBB/gdpr=0&_test=Yg_RtAAHIvxmyQBB cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3AE6	170 B 188 B	38ms 36ms	Image image/png	172.217.165.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.165.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lax30s03-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	5907 tags.bluekai.com/site/ Frame 3AE6	62 B 615 B	92ms 92ms	Image image/gif	23.3.124.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/5907?limit=0&id=49994dfdc2c815154f244272670875ad Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.3.124.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-3-124-133.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 12:31:48 GMT Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 Content-Type image/gif
GET H2	200	g.json aa.agkn.com/adscores/ Frame 3AE6	103 B 721 B	140ms 96ms	Script application/json	2600:9000:202c:9400:1a:609a:6780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aa.agkn.com/adscores/g.json?sid=9202507693 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3&c=3825 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:202c:9400:1a:609a:6780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AAWebServer / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 12:31:47 GMT via 1.1 f912c5a5865a58aaaad9710240b6d2f2.cloudfront.net (CloudFront) server AAWebServer x-amz-cf-pop EWR52-C2 access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate x-cache Miss from cloudfront content-type application/json access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 103 x-amz-cf-id HpMUOyYmkx45en9hfn6qjJNzkuTfQYlY8pHYl1rhNFl7sUrlEn0qKQ== expires 0
GET		tpid=$!%7BTURN_UUID%7D d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/766a9c6247c57564201d6cf4d9c95c34/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 3AE6	0 0
POST		a.gif t.sharethis.com/d/ Frame 0549	0 0
GET H2	200	css fonts.googleapis.com/	2 KB 1 KB	80ms 34ms	Stylesheet text/css	2607:f8b0:4006:822::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext Requested by Host: privategirlses.com URL: https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b0d3e95d9ae6d861a6735dba876fe73ff082293d8663233cc19f54776f2912e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://privategirlses.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 18 Feb 2022 12:31:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 18 Feb 2022 12:31:48 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 18 Feb 2022 12:31:48 GMT
GET H3	200	icon-cross.svg privategirlses.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/	316 B 869 B	467ms 443ms	Image image/svg+xml	2606:4700:3036::6815:38f6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://privategirlses.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/icon-cross.svg Requested by Host: privategirlses.com URL: https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:38f6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3c1977f089e4d0203a71c28178bd1b9f019a97690df9687984f7fc4e57c511b Request headers Accept-Language en-CA,en;q=0.9 Referer https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:48 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 17 Nov 2021 11:53:22 GMT server cloudflare etag W/"6194ed32-13c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Olj2m6OnH%2BQojJUxOlqU%2FqaEdJ7hnCgaj%2FFdRGl5eSa7nJ9ajrjqPNELSLhQscAaB1M685J0IJbnQf7SHnDYk5VAJ%2BZZ517JJmFkUpCvBdPBzoTQ3bENrjTYHo4oG0aRZIrIj3vsezbWsLVEgYBmIA%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 cf-ray 6df746467d2e4bcb-YUL access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H3	200	icon-chevron-right.svg privategirlses.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/	240 B 858 B	469ms 446ms	Image image/svg+xml	2606:4700:3036::6815:38f6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://privategirlses.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/images/icon-chevron-right.svg Requested by Host: privategirlses.com URL: https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:38f6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d77d6c825244bbd244c8184f51b1f8b91064c1c2fa30d5883fcc2457f93d3a5f Request headers Accept-Language en-CA,en;q=0.9 Referer https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:48 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 17 Nov 2021 11:53:22 GMT server cloudflare etag W/"6194ed32-f0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6uu50nVZUQlp5%2FV1fqtD%2BqldULgNWTNX24J2isZqfJCYxHpic8DRmvnwu7aLZkMEb7eGiLO4SvgWJkRl6mQrz4JFVSixJX5W%2FksP%2BAZXUAJRGY%2BLIAzCoU1SeSPq3aGrNrWtsYO6x7ATqA3hPYgP8M%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 cf-ray 6df746467d304bcb-YUL access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	77ms 27ms	Script application/javascript	2001:4de0:ac18::1:a:2b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: privategirlses.com URL: https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Referer https://privategirlses.com/ Origin https://privategirlses.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:48 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-1538f" vary Accept-Encoding x-hw 1645187508.dop086.dc2.t,1645187508.cds203.dc2.hn,1645187508.cds164.dc2.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30288
GET H2	200	jquery.background-video.min.js Show response cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/	3 KB 2 KB	41ms 17ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js Requested by Host: privategirlses.com URL: https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 011aefbda7751bf283a0a16c869bb14d49d2ecfa767ae161c6db3a1eda0336e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://privategirlses.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 400871 x-jsd-version 1.1.0 x-cache HIT, MISS cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19182-FRA, cache-yyz4557-YYZ timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"c2c-rk12AHoQRv8E9UcxhQwjPVHVc68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 6df746467c837157-YUL
GET H3	200	p.js Show response privategirlses.com/	405 B 1 KB	342ms 320ms	Script application/javascript	2606:4700:3036::6815:38f6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://privategirlses.com/p.js?a=1080289&cr=53151&lid=16320&mh=eHdVTHN2WHpyY3l5WEJjTk9tSVFMcG1wekF2bGt3b3R6bFBma20tMzU2OTE%3D&mmid=2297&p=0&rf=u&rn=zc4ZmdKUys4WmdqVEhG&t=EUNJI Requested by Host: privategirlses.com URL: https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:38f6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f80d56825c5e62db5d4ce4efa73186d8335e9e769dae03df2e645bd29e0b464f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none cross-origin-window-policy deny alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1W7Mip%2BvPqsCK7swYyRYBcrzccGWdaWtiRPmWKysf9X09dzkkmEF8QTry2vhqt75hMJrClfqIk6C%2FscdfGgFVYXB9yLR4CRicox1iC9dJ3FYFw0RlUMTTpHPWSYU5iWNuvwoETR2NQOJOBpHsji83Lo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=0, private, must-revalidate cf-ray 6df746467d2a4bcb-YUL
GET H3	200	f.js Show response privategirlses.com/lstatic/	2 KB 2 KB	68ms 46ms	Script application/javascript	2606:4700:3036::6815:38f6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://privategirlses.com/lstatic/f.js Requested by Host: privategirlses.com URL: https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:38f6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 963a44fa6cbb7486c60762c3ee87598cebac50d93ffc8bcda9ac4b946637138b Request headers Accept-Language en-CA,en;q=0.9 Referer https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 12:31:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 704 access-control-allow-methods GET, POST, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 17 Nov 2021 11:53:19 GMT server cloudflare etag W/"6194ed2f-6ca" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCydal3ph7gRwOgztLCuBRSG3qT9yt8LczRd46spP7ofh0CyUtkSjVWPHLae1ScpdlxJrOk8oytZqhk8XpRwrh%2BAOkGtFuOs8P02wMfb6uNIivECpCt8675HwiosJySP5DVJTvQudokMa2Xd7zPd7Lc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 cf-ray 6df746467d354bcb-YUL access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H3	206	1.mp4 privategirlses.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/video/	974 KB 975 KB	470ms 451ms	Media video/mp4	2606:4700:3036::6815:38f6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://privategirlses.com/lstatic/42b74a1a750c1a004c9c00afdf92fc55/video/1.mp4 Requested by Host: privategirlses.com URL: https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:38f6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b3b62fbea6a0f85a16904129c448a32bac1b84f6d63987fb12a4bec2bc91e97 Request headers Referer https://privategirlses.com/?utm_source=QgnTN6xIx57f2&utm_campaign=EUNJI Accept-Encoding identity;q=1, *;q=0 Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Range bytes=0- Response headers date Fri, 18 Feb 2022 12:31:48 GMT access-control-allow-methods GET, POST, OPTIONS cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Content-Range bytes 0-997796/997797 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 997797 last-modified Wed, 17 Nov 2021 11:53:22 GMT server cloudflare etag "6194ed32-f39a5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C5gFuEU09Z%2B33j4jz3ylJREcmO4VN11%2FnVn%2BZdXhwwk8CZgdVCNcSuShmh3FVHlmWcja9srfFdpPxqLe6XJAehyPWokmONAeHBGeCECMgT7aEVCYNnKoQAq2uwNIGj4pMt8zlhCPE22HOW6dunwrwU%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 cf-ray 6df746467d394bcb-YUL access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v23/	12 KB 13 KB	66ms 20ms	Font font/woff2	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://privategirlses.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Sun, 13 Feb 2022 18:25:35 GMT x-content-type-options nosniff age 410773 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12648 x-xss-protection 0 last-modified Thu, 03 Feb 2022 00:11:58 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Mon, 13 Feb 2023 18:25:35 GMT
POST H3	200	featrepl Show response privategirlses.com/	2 B 575 B	243ms 242ms	XHR text/plain	2606:4700:3036::6815:38f6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://privategirlses.com/featrepl?a=1080289&cr=53151&lid=16320&mh=eHdVTHN2WHpyY3l5WEJjTk9tSVFMcG1wekF2bGt3b3R6bFBma20tMzU2OTE%3D&mmid=2297&p=0&rf=u&rn=zc4ZmdKUys4WmdqVEhG&t=EUNJI Requested by Host: privategirlses.com URL: https://privategirlses.com/lstatic/f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:38f6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://privategirlses.com/?a=1080289&cr=53151&lid=16320&mh=eHdVTHN2WHpyY3l5WEJjTk9tSVFMcG1wekF2bGt3b3R6bFBma20tMzU2OTE%3D&mmid=2297&p=0&rf=u&rn=zc4ZmdKUys4WmdqVEhG&t=EUNJI Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 18 Feb 2022 12:31:48 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kA39c04%2B76gs%2BkqXcPSPwIVOC2QKsIRrAu7ff%2Fo1BgFhoyMACbcE8fdZFDzvBARL75mmgf0JUlFw945vOFBW746vTX9VOz97jUDf4BVBA%2FIaP3gu%2F8DFAl2vGMCNTLU3zuuocDIXyAaCACidE95xFQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 cf-ray 6df7464878644bcb-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

dpm.demdex.net

URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=766a9c6247c57564201d6cf4d9c95c34&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0

Domain

aorta.clickagy.com

URL

https://aorta.clickagy.com/pixel.gif?ch=114&cm=eab6cc935b2fa5ccb66d603e55197a1d0c58a98af71a053b78411ca6507410cf25abae5358c0e7bc

Domain

ib.mookie1.com

URL

https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=766a9c6247c57564201d6cf4d9c95c34

Domain

sync.mathtag.com

URL

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D

Domain

d.turn.com

URL

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/766a9c6247c57564201d6cf4d9c95c34/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D

Domain

t.sharethis.com

URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGYAAWIPkbIAAAAJR7rCAw%253D%253D&tt=t.dhj&dhjLcy=1645187506740&lbl=pxcel&flbl=pxcel&ll=d&ver=1.858.22942&ell=d&cck=__stid&dmn=loveme.uno&pn=%2FEUNJI%2F&qs=na&rdn=loveme.uno&rpn=%2FEUNJI%2F&rqs=na&cc=CA&cont=NA&evid=5JS0M8XAcz3mmQvGGwEk&urls=!1!252!b-13j,!1!281!b-13h,!1!277!b-14s,!1!0!b-14t,!1!252!b-150,!1!234!b-16f&rnd=1645187508192&cid=c010&version=1.858.22942&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=24&sndBcn=1