userouto.novemberrain.lol Open in urlscan Pro
195.88.24.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://userouto.novemberrain.lol/
Submission: On May 29 via automatic, source certstream-suspicious (May 29th 2023, 3:09:33 am UTC) — Scanned from DE

Summary HTTP 198 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 61 IPs in 8 countries across 73 domains to perform 198 HTTP transactions. The main IP is 195.88.24.26, located in Chicago, United States and belongs to KAMATERA, US. The main domain is userouto.novemberrain.lol.
TLS certificate: Issued by R3 on May 29th 2023. Valid for: 3 months.

This is the only time userouto.novemberrain.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
47	195.88.24.26 195.88.24.26	36007 (KAMATERA) (KAMATERA)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.131 151.101.129.131	54113 (FASTLY) (FASTLY)
2	2606:4700:10:... 2606:4700:10::6816:f17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	52.222.214.106 52.222.214.106	16509 (AMAZON-02) (AMAZON-02)
1 35	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
5	54.175.167.136 54.175.167.136	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
1	52.7.151.245 52.7.151.245	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.144.30.117 54.144.30.117	14618 (AMAZON-AES) (AMAZON-AES)
1	52.21.14.181 52.21.14.181	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.236.119 52.222.236.119	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:8c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.124 108.138.17.124	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:ac00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	23.55.110.200 23.55.110.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.22.50.55 52.22.50.55	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	23.212.89.35 23.212.89.35	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	54.229.183.59 54.229.183.59	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	52.59.128.150 52.59.128.150	16509 (AMAZON-02) (AMAZON-02)
3 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	3.77.69.115 3.77.69.115	16509 (AMAZON-02) (AMAZON-02)
1 1	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.143.185 35.157.143.185	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:612... 2600:1f18:612b:4216:2976:fb7:a48b:c1b5	14618 (AMAZON-AES) (AMAZON-AES)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	23.55.110.193 23.55.110.193	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	52.222.236.205 52.222.236.205	16509 (AMAZON-02) (AMAZON-02)
1	34.243.48.125 34.243.48.125	16509 (AMAZON-02) (AMAZON-02)
1	54.227.216.222 54.227.216.222	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.211.112.232 18.211.112.232	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.215.230.29 52.215.230.29	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	54.93.150.94 54.93.150.94	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	52.3.183.164 52.3.183.164	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1 1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.141.248 45.79.141.248	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1	54.154.12.56 54.154.12.56	16509 (AMAZON-02) (AMAZON-02)
1 1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
2	35.85.106.161 35.85.106.161	16509 (AMAZON-02) (AMAZON-02)
1	34.212.4.35 34.212.4.35	16509 (AMAZON-02) (AMAZON-02)
7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
7	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
198	61

47 195.88.24.26 (Chicago, United States)

ASN36007 (KAMATERA, US)

userouto.novemberrain.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.131 (United States)

ASN54113 (FASTLY, US)

4bbb217ea6254403aa185676f44c955f.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:f17 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-106.fra56.r.cloudfront.net

assets.gospringboard.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.175.167.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-167-136.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.151.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.144.30.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-30-117.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.14.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-14-181.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-119.fra56.r.cloudfront.net

pix.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:8c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-124.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ac00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.55.110.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-200.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.50.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-50-55.compute-1.amazonaws.com

52.22.50.55	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.89.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-35.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.229.183.59 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-183-59.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.128.150 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-128-150.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.77.69.115 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-69-115.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.200.221 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.143.185 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-143-185.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:2976:fb7:a48b:c1b5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.55.110.193 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-193.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.205 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-205.fra56.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.48.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-48-125.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.227.216.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-216-222.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.112.232 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-112-232.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.230.29 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-230-29.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.150.94 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-150-94.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.183.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-183-164.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.105 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.141.248 (Cedar Knolls, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: lciapi-ewr-15.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.12.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-12-56.eu-west-1.compute.amazonaws.com

sync-amazon.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.85.106.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-106-161.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.4.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-4-35.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	novemberrain.lol userouto.novemberrain.lol	3 MB
35	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 273	25 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	200 KB
7	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 389	23 KB
7	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 904	1 KB
7	bing.com bat.bing.com — Cisco Umbrella Rank: 343	13 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 339 www.linkedin.com — Cisco Umbrella Rank: 603 px4.ads.linkedin.com — Cisco Umbrella Rank: 6328	4 KB
5	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2813	7 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	6 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	67 KB
4	yahoo.com 3 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 1099 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272 cms.analytics.yahoo.com — Cisco Umbrella Rank: 991	2 KB
4	serving-sys.com 1 redirects secure-ds.serving-sys.com — Cisco Umbrella Rank: 2235 bs.serving-sys.com — Cisco Umbrella Rank: 1337	24 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 5834 px.mountain.com — Cisco Umbrella Rank: 5980 gs.mountain.com — Cisco Umbrella Rank: 11382	7 KB
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
3	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2082	1 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6080	671 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	627 B
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 5727 cm.teads.tv — Cisco Umbrella Rank: 6433 t.teads.tv — Cisco Umbrella Rank: 2731	8 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 970 pixel.quantserve.com — Cisco Umbrella Rank: 790	10 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3728	27 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3357	267 B
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 820 image6.pubmatic.com — Cisco Umbrella Rank: 682	779 B
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1176	1 KB
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 436	352 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 155	617 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 694	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 562	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 200	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 315 token.rubiconproject.com — Cisco Umbrella Rank: 573	653 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 601 usermatch.krxd.net — Cisco Umbrella Rank: 1456	358 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 560	1 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 2496	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	886 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	264 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 637	936 B
2	t.co t.co — Cisco Umbrella Rank: 516	604 B
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 918	3 KB
2	gstatic.com fonts.gstatic.com	56 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 1981	1 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1353 insight.adsrvr.org — Cisco Umbrella Rank: 522	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 558	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	136 KB
2	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 17371	77 KB
2	ubembed.com 4bbb217ea6254403aa185676f44c955f.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 9819	49 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 239	404 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 882	168 B
1	yieldmo.com sync-amazon.ads.yieldmo.com — Cisco Umbrella Rank: 5220	38 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 1893	342 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 3372	750 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1292	324 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 358	140 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1108	213 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 4849	657 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2563	186 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 3250	880 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2183	122 B
1	tremorhub.com 1 redirects amazon.partners.tremorhub.com — Cisco Umbrella Rank: 4741	390 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 532	471 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 493	486 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592	163 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1480	157 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 825	367 B
1	pix.pub pix.pub — Cisco Umbrella Rank: 4163	413 B
1	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 3649	131 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9027	2 KB
1	gospringboard.io assets.gospringboard.io — Cisco Umbrella Rank: 160981	3 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1323	8 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 964	15 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 174	18 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 651	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 725	5 KB
198	73

	Domain	Requested by
47	userouto.novemberrain.lol	userouto.novemberrain.lol
35	s.amazon-adsystem.com	1 redirects userouto.novemberrain.lol s.amazon-adsystem.com
9	www.googletagmanager.com	userouto.novemberrain.lol www.googletagmanager.com
7	js-agent.newrelic.com	userouto.novemberrain.lol
7	tr.snapchat.com	sc-static.net
7	bat.bing.com	userouto.novemberrain.lol bat.bing.com
5	tags.srv.stackadapt.com	userouto.novemberrain.lol tags.srv.stackadapt.com
4	www.google-analytics.com	userouto.novemberrain.lol www.google-analytics.com
3	match.360yield.com	3 redirects
3	ib.adnxs.com	3 redirects
3	px.ads.linkedin.com	3 redirects
3	www.google.de	userouto.novemberrain.lol
3	www.google.com	userouto.novemberrain.lol
3	googleads.g.doubleclick.net	www.googletagmanager.com www.googleadservices.com
3	static.addtoany.com	userouto.novemberrain.lol static.addtoany.com
3	fonts.googleapis.com	userouto.novemberrain.lol
2	px.mountain.com	dx.mountain.com userouto.novemberrain.lol
2	pixel.sitescout.com	userouto.novemberrain.lol
2	uipglob.semasio.net	2 redirects
2	us-u.openx.net	s.amazon-adsystem.com
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	bs.serving-sys.com	1 redirects secure-ds.serving-sys.com
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	ads.stickyadstv.com	2 redirects
2	t.myvisualiq.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	www.facebook.com	userouto.novemberrain.lol
2	pixel.quantserve.com	userouto.novemberrain.lol
2	secure-ds.serving-sys.com	www.googletagmanager.com secure-ds.serving-sys.com
2	analytics.twitter.com	userouto.novemberrain.lol
2	t.co	userouto.novemberrain.lol
2	rules.quantcount.com	secure.quantserve.com
2	fonts.gstatic.com	fonts.googleapis.com
2	trkn.us	1 redirects userouto.novemberrain.lol
2	s.yimg.com	userouto.novemberrain.lol s.yimg.com
2	connect.facebook.net	userouto.novemberrain.lol connect.facebook.net
2	my.hellobar.com	userouto.novemberrain.lol my.hellobar.com
1	bam.nr-data.net	js-agent.newrelic.com
1	insight.adsrvr.org	js.adsrvr.org
1	gs.mountain.com	userouto.novemberrain.lol
1	sync.taboola.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	sync-amazon.ads.yieldmo.com	s.amazon-adsystem.com
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	eb2.3lift.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	odr.mookie1.com	s.amazon-adsystem.com
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	1 redirects
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	rtb-csync.smartadserver.com	s.amazon-adsystem.com
1	t.teads.tv	userouto.novemberrain.lol
1	sp.analytics.yahoo.com	userouto.novemberrain.lol
1	cm.teads.tv	p.teads.tv
1	region1.google-analytics.com	www.googletagmanager.com
1	alb.reddit.com	userouto.novemberrain.lol
1	px4.ads.linkedin.com	userouto.novemberrain.lol
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	assets.ubembed.com	4bbb217ea6254403aa185676f44c955f.js.ubembed.com
1	pix.pub	userouto.novemberrain.lol
1	data.adxcel-ec2.com	userouto.novemberrain.lol
1	dx.mountain.com	userouto.novemberrain.lol
1	up.pixel.ad	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	p.teads.tv	www.googletagmanager.com
1	assets.gospringboard.io	userouto.novemberrain.lol
1	www.redditstatic.com	userouto.novemberrain.lol
1	sc-static.net	userouto.novemberrain.lol
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	4bbb217ea6254403aa185676f44c955f.js.ubembed.com	userouto.novemberrain.lol
198	91

This site contains links to these domains. Also see Links.

Domain
donate.doctorswithoutborders.org
www.facebook.com
www.twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com
msf-usa.medium.com
jobs.doctorswithoutborders.org

Subject Issuer	Validity	Valid
userouto.novemberrain.lol R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-07` - `2023-06-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
assets.gospringboard.io Amazon RSA 2048 M02	`2023-04-08` - `2024-05-06`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-02-27` - `2023-11-07`	8 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.pixel.ad GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-24` - `2024-02-02`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2022-05-21` - `2023-06-22`	a year	crt.sh
adxcel-ec2.com Amazon RSA 2048 M02	`2023-02-24` - `2023-11-16`	9 months	crt.sh
pix.pub Amazon RSA 2048 M01	`2023-02-21` - `2024-01-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
secure-ds.serving-sys.com R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
52.22.50.55 Sectigo RSA Domain Validation Secure Server CA	`2023-02-14` - `2024-02-14`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-04-17` - `2023-07-16`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2022-11-16` - `2023-12-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-02-20`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://userouto.novemberrain.lol/
Frame ID: DD53E79FE72C04F40DFA30E813078652
Requests: 146 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D1ab1dab3-3f1f-fde7-6bbb-bf7206aa7e5a%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.doctorswithoutborders.org/&ex-hargs=v%3D1.0%3Bc%3D9098931520801%3Bp%3D1AB1DAB3-3F1F-FDE7-6BBB-BF7206AA7E5A&cb=467878604342963000&dcc=t
Frame ID: A6DA64FA2A5114DDB1E521A1E1F2F6BA
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 00B89B1DAC0D86D26A678843F711513E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Frame ID: C9EF0FF69AE3FDBCA8272076387BEC90
Requests: 44 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: ECBD9C380C1048AB3B01FEA52B234D2A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CCC98AA8F4A2BE5731B67FB49FC659CB
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=ca31ccb5-b8dc-41e0-a975-3514437ce11b&u_scsid=547bc5b1-4aca-46cf-96da-053981626778&u_sclid=cdbb73a7-c9f4-490c-9963-818d9fd61659
Frame ID: CF81E6E77A5F9E5B15F75D67A77F97E5
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ca5g5oz&ref=https%3A%2F%2Fuserouto.novemberrain.lol%2F&upid=p3b7hxl&upv=1.1.0&v=undefined
Frame ID: 9B0AFC358FB7FE9A08EA72134567ABAF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Doctors Without Borders - USA

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Page Statistics

198
Requests

83 %
HTTPS

25 %
IPv6

73
Domains

91
Subdomains

61
IPs

8
Countries

3668 kB
Transfer

5878 kB
Size

80
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://donate.doctorswithoutborders.org/secure/donate
Title: support MSF’s lifesaving care with a gift.

Search URL Search Domain Scan URL

URL: https://donate.doctorswithoutborders.org/secure/monthly
Title: Give Monthly

Search URL Search Domain Scan URL

URL: https://www.facebook.com/doctorswithoutborders
Title: Follow us on Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/MSF_USA
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/doctorswithoutborders
Title: Follow us on Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/MSF
Title: Follow us on Youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/m-decins-sans-fronti-res-msf-
Title: Follow us on linkedin

Search URL Search Domain Scan URL

URL: https://msf-usa.medium.com/
Title: Follow us on Medium

Search URL Search Domain Scan URL

URL: https://jobs.doctorswithoutborders.org/go/Careers-Home/8059900
Title: Work in the US office

Search URL Search Domain Scan URL

URL: https://jobs.doctorswithoutborders.org/go/Office-Internships/8060900
Title: Internships

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D1ab1dab3-3f1f-fde7-6bbb-bf7206aa7e5a%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.doctorswithoutborders.org/&ex-hargs=v%3D1.0%3Bc%3D9098931520801%3Bp%3D1AB1DAB3-3F1F-FDE7-6BBB-BF7206AA7E5A&cb=467878604342963000 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D1ab1dab3-3f1f-fde7-6bbb-bf7206aa7e5a%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.doctorswithoutborders.org/&ex-hargs=v%3D1.0%3Bc%3D9098931520801%3Bp%3D1AB1DAB3-3F1F-FDE7-6BBB-BF7206AA7E5A&cb=467878604342963000&dcc=t

Request Chain 57

https://trkn.us/pixel/conv/ppt=20191;g=donations;gid=47252;rev=;ord=/?gtmcb=1406897840 HTTP 302
https://trkn.us/pixel/conv/ppt=20191;g=donations;gid=47252;rev=;ord=/?gtmcb=1406897840;ip=185.213.155.151;cuidchk=1

Request Chain 93

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3915962&time=1685329762233&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3915962&time=1685329762233&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3915962%26time%3D1685329762233%26url%3Dhttps%253A%252F%252Fuserouto.novemberrain.lol%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3915962&time=1685329762233&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3915962&time=1685329762233&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cookiesTest=true&liSync=true&e_ipv6=AQL1HYZrJ7JL5AAAAYhle1pPNivOhaEwkJuJfCLYy50EeZHmQBAA4A1P_ky7V8-8wv3naCiB

Request Chain 127

https://ib.adnxs.com/setuid/a9?entity=188&code=y9eixkKySzmo5Tg3J4mdOg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3Dy9eixkKySzmo5Tg3J4mdOg%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=y9eixkKySzmo5Tg3J4mdOg

Request Chain 128

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=B4LuO4nwTTaEIBKOPC9OXg&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=B4LuO4nwTTaEIBKOPC9OXg&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=956fda14-3a70-4a31-afbe-35518f262f9a

Request Chain 130

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=216613104531000151221&ex=neustar.biz

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=iJVOjJR0SkyIoHuvWiJEkw&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=iJVOjJR0SkyIoHuvWiJEkw&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZHQXYmCyJbFsD5PT1G.iyQAA

Request Chain 132

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=8cc89e15836a67a69528e13a146e1c0f

Request Chain 133

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 134

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=AOSCi9Y9QQ6Llk7fjfFy9g HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=AOSCi9Y9QQ6Llk7fjfFy9g

Request Chain 135

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a9c15d9b-0043-4908-a9d2-390440e44234

Request Chain 136

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=70561f2512e34b709167ad635e49f7bf

Request Chain 138

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-MiohfaNE2pH4izRKxPzzPtcCkE5XJvh3p3Fu~A&status=OK&ex=gemini

Request Chain 139

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=20ac5d7d84fcd3a1b2e32cfd303d5bf8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 140

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 142

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=956fda14-3a70-4a31-afbe-35518f262f9a&ex=improvedigital.com

Request Chain 144

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1146987608d7a3bed

Request Chain 145

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-5cLmwW1QxidHU-UZdDteg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-5cLmwW1QxidHU-UZdDteg

Request Chain 146

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=FPQW78aFQHqqxzAIueAsyA&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=1e7b8f2b310f82f425323bf1423d&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=FPQW78aFQHqqxzAIueAsyA

Request Chain 147

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=ND_2wzauQqy9rTzVxABp0g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=ND_2wzauQqy9rTzVxABp0g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=21932032181932720453513384379114052225

Request Chain 149

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5191219381655276274

Request Chain 150

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=36388107-fdce-11ed-8f02-194044dd0406 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=363880c0-fdce-11ed-8f02-194044dd0406

Request Chain 151

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=057c8321-fb0d-4644-9d8a-4e8924124cb5

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEEeP7SZZeBRObiek0Lr994U&google_cver=1

Request Chain 154

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=18d9a2b9b10c7dd6dc9ce8655fe84d27

Request Chain 156

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LSYgUjCGb8kcXdDnrQrM_Dc4ZFA4ZgIC

Request Chain 158

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=90386197F11C1002

Request Chain 159

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5753206616472844587&ex=appnexus.com

Request Chain 160

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=JNW8Wuc7SEKpUzPDHai4BA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=JNW8Wuc7SEKpUzPDHai4BA

Request Chain 161

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=rdrQVSS5IObzXWMjiAO3jQ&ex=rubiconproject.com&status=ok

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=MsRC-xRATOqw9l_kaCwK8g& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 164

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2D631774640E1EF570022ACAF4

Request Chain 165

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=b2a51765616e277110a505d61bba4a27c732fccf90a60205d67747d0e0943e01

Request Chain 167

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=882C957E-F77A-4D31-A89C-EDC91D4D2900

Request Chain 169

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=be4d0638-ef61-4efb-9143-e5d34fbfaec3-tuctb6d9ce3

198 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
userouto.novemberrain.lol/ 104 KB
30 KB 432ms
211ms Document
text/html 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL

https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

63d59102dba907bb4e57556b856731cda774fb6deaba4dc95ab813fa995b6c09

Security Headers

Name	Value
Content-Security-Policy	frame-src ; child-src ; report-uri /report-csp-violation
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32284
cache-control: max-age=86400, public
content-encoding: gzip
content-language: en
content-length: 29609
content-security-policy: frame-src *; child-src *; report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
date: Mon, 29 May 2023 03:09:21 GMT
etag: W/"1685297477"
expires: Sun, 19 Nov 1978 05:00:00 GMT
feature-policy: geolocation *; microphone 'none'; camera 'none'
last-modified: Sun, 28 May 2023 18:11:17 GMT
referrer-policy: strict-origin
server: nginx/1.24.0
strict-transport-security: max-age=31622400; includeSubDomains; preload
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-pantheon-styx-hostname: styx-fe4-a-586f84c7d4-68wfz
x-served-by: cache-chi-kigq8000038-CHI
x-styx-req-id: 0a45658b-fd83-11ed-87b5-a2548f239969
x-timer: S1685329761.347456,VS0,VE11
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 128ms
34ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 May 2023 03:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 267
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 29 May 2023 05:04:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 452 KB
121 KB 160ms
49ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8839f0a1878a49b9c425c4ffcc582055668abbf7812c8adb05cff33b47c0b591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 123063
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 03:09:21 GMT

GET
H2 200 css_yL9-bRgBUvk7QjSH1KbZ0qs1Cs-e8wfZUrlbRPQ8HAg.css
userouto.novemberrain.lol/sites/default/files/css/ 4 KB
2 KB 124ms
122ms Stylesheet
text/css 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL

https://userouto.novemberrain.lol/sites/default/files/css/css_yL9-bRgBUvk7QjSH1KbZ0qs1Cs-e8wfZUrlbRPQ8HAg.css

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

c8bf7e6d180152f93b423487d4a6d9d2ab350acf9ef307d952b95b44f43c1c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 16 May 2024 12:49:27 GMT
date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 845583
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-kq87c
content-length: 1387
x-served-by: cache-chi-kigq8000116-CHI
last-modified: Mon, 15 May 2023 03:00:55 GMT
server: nginx/1.24.0
x-timer: S1685329762.541668,VS0,VE1
etag: W/"6461a067-f27"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 17798f78-f3e8-11ed-b12e-0e83b74ed442
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 css_jqfbqBjgJgPJrH1fFKepo-Ne6R_XZ00nckNbLe1lFXg.css
userouto.novemberrain.lol/sites/default/files/css/ 3 KB
1 KB 119ms
118ms Stylesheet
text/css 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL

https://userouto.novemberrain.lol/sites/default/files/css/css_jqfbqBjgJgPJrH1fFKepo-Ne6R_XZ00nckNbLe1lFXg.css

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

8ea7dba818e02603c9ac7d5f14a7a9a3e35ee91fd7674d2772435b2ded651578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Wed, 15 May 2024 03:10:56 GMT
date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 845334
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-f775fccbd-pmxx6
content-length: 991
x-served-by: cache-chi-kigq8000065-CHI
last-modified: Mon, 15 May 2023 03:00:55 GMT
server: nginx/1.24.0
x-timer: S1685329762.538333,VS0,VE3
etag: W/"6461a067-a61"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 1bc03cf0-f2ce-11ed-b7a7-1622f4788f74
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 css_26AZE5g_ZIihD167qcx6mzSUCnt3QHWeNG7WilNsuoI.css
userouto.novemberrain.lol/sites/default/files/css/ 34 KB
6 KB 143ms
141ms Stylesheet
text/css 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL

https://userouto.novemberrain.lol/sites/default/files/css/css_26AZE5g_ZIihD167qcx6mzSUCnt3QHWeNG7WilNsuoI.css

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

dba01913983f6488a10f5ebba9cc7a9b34940a7b7740759e346ed68a536cba82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Wed, 15 May 2024 11:52:01 GMT
date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 845583
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-65bfb7c97b-rb4t7
content-length: 5587
x-served-by: cache-chi-klot8100080-CHI
last-modified: Mon, 15 May 2023 03:10:46 GMT
server: nginx/1.24.0
x-timer: S1685329762.540196,VS0,VE3
etag: W/"6461a2b6-8710"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: e71a44c5-f316-11ed-9ec9-2e74340e0923
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 css_gQ55Gr2grTKTSklG6jMwTBdQeZLzoG6YIZ-dJAmilVI.css
userouto.novemberrain.lol/sites/default/files/css/ 1 KB
980 B 121ms
120ms Stylesheet
text/css 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL

https://userouto.novemberrain.lol/sites/default/files/css/css_gQ55Gr2grTKTSklG6jMwTBdQeZLzoG6YIZ-dJAmilVI.css

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

810e791abda0ad32934a4946ea33304c17507992f3a06e98219f9d2409a29552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 23 May 2024 12:40:39 GMT
date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 484122
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-74685747f-p8cl4
content-length: 518
x-served-by: cache-chi-kigq8000114-CHI
last-modified: Mon, 15 May 2023 03:10:49 GMT
server: nginx/1.24.0
x-timer: S1685329762.538303,VS0,VE4
etag: W/"6461a2b9-541"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 06305458-f967-11ed-9822-36b3461bb6e3
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 css2
fonts.googleapis.com/ 31 KB
1 KB 139ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bitter:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c832c41ec62d0a9856c0ca5550a9b67c56bb7899f6901a0423c11206844de5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 May 2023 02:55:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 May 2023 03:09:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
947 B 139ms
47ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9b71c5eaa38cdc096b9155d085559cbd569e299c476f5f649dea619afe869f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 May 2023 02:55:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 May 2023 03:09:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
764 B 141ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20b642d6d84bdb3f22bd739729db385a9fb781779304e542003c2967cef98600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 May 2023 01:50:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 May 2023 03:09:21 GMT

GET
H2 200 css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
userouto.novemberrain.lol/sites/default/files/css/ 389 KB
86 KB 162ms
161ms Stylesheet
text/css 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL

https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

6e8c8c34a8f59b73b450cf61bb8f614f5e4a1e3d1568899d2b3748c689579140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 07:32:41 GMT
date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 846211
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-k2tnc
content-length: 87573
x-served-by: cache-chi-kigq8000071-CHI
last-modified: Fri, 19 May 2023 07:25:43 GMT
server: nginx/1.24.0
x-timer: S1685329762.541395,VS0,VE3
etag: W/"64672477-613fd"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 566b66a3-f617-11ed-b838-ca1b852198c8
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 logo.svg
userouto.novemberrain.lol/themes/custom/msf/ 12 KB
5 KB 256ms
256ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/logo.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

518e1535c9ec822b813206fbc3f5d5dfdf755746f754b6b278456ce6d8405c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:20:30 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 845331
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-dxgnc
content-length: 4810
x-served-by: cache-chi-kigq8000096-CHI
last-modified: Fri, 19 May 2023 07:31:30 GMT
server: nginx/1.24.0
x-timer: S1685329762.615285,VS0,VE2
etag: W/"646725d2-3104"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 04819aef-f61e-11ed-8f4e-e2506d99af3b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 MSB157005.jpg
userouto.novemberrain.lol/sites/default/files/styles/crop_homepage_hero_1440_830/public/image_base_media/2023/05/ 223 KB
224 KB 435ms
426ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/styles/crop_homepage_hero_1440_830/public/image_base_media/2023/05/MSB157005.jpg?h=85642182&itok=mSQqcsTH

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

06d6a4c376219d95f3e92d90cd4007889f5af832441518770f1fd8ef1092b195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 26 May 2024 18:14:05 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-77c85f7fbb-zrzf9
age: 204916
x-cache: HIT
content-length: 228453
x-served-by: cache-chi-kigq8000030-CHI
last-modified: Fri, 26 May 2023 18:11:03 GMT
server: nginx/1.24.0
x-timer: S1685329762.654703,VS0,VE2
etag: "6470f637-37c65"
content-type: image/jpeg
x-styx-req-id: 1981f527-fbf1-11ed-be4c-f2023631f809
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 location_0.png
userouto.novemberrain.lol/sites/default/files/inline-images/ 2 KB
2 KB 357ms
349ms Image
image/png 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/inline-images/location_0.png

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

8ebe96dc5f57b99a66cd43b948c08f1238776a8be937481304cf56b8d8b131ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 16 May 2024 06:03:56 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-9qvtk
age: 845331
x-cache: HIT
content-length: 1837
x-served-by: cache-chi-kigq8000066-CHI
last-modified: Fri, 04 Nov 2022 21:22:32 GMT
server: nginx/1.24.0
x-timer: S1685329762.645224,VS0,VE6
etag: "63658298-72d"
content-type: image/png
x-styx-req-id: 711bb1a8-f3af-11ed-81b0-262a902377ef
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 stcope.png
userouto.novemberrain.lol/sites/default/files/inline-images/ 1 KB
2 KB 347ms
339ms Image
image/png 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/inline-images/stcope.png

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

37676dde49b749863927272eb0466874471bac9fde05ec9d20ac78053c1a70ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Wed, 01 May 2024 11:28:51 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-5chg9
age: 845331
x-cache: HIT
content-length: 1301
x-served-by: cache-chi-klot8100149-CHI
last-modified: Fri, 04 Nov 2022 21:22:32 GMT
server: nginx/1.24.0
x-timer: S1685329762.646194,VS0,VE2
etag: "63658298-515"
content-type: image/png
x-styx-req-id: 5953f273-e813-11ed-b29b-3674233cca68
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 hospital.png
userouto.novemberrain.lol/sites/default/files/inline-images/ 489 B
917 B 432ms
423ms Image
image/png 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/inline-images/hospital.png

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

5918130f071d4e4d8ea0f117b7d2cdf13c212ebe3cca492065785992c5cbb3fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 16 May 2024 07:05:10 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-qgxsm
age: 845330
x-cache: HIT
content-length: 489
x-served-by: cache-chi-kigq8000169-CHI
last-modified: Fri, 04 Nov 2022 21:22:32 GMT
server: nginx/1.24.0
x-timer: S1685329762.653895,VS0,VE3
etag: "63658298-1e9"
content-type: image/png
x-styx-req-id: ff542f63-f3b7-11ed-b0c0-c2c706fe7fb1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 Programs%20Icon_1.png
userouto.novemberrain.lol/sites/default/files/inline-images/ 2 KB
2 KB 346ms
337ms Image
image/png 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/inline-images/Programs%20Icon_1.png

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

265d03e9fc1805d7ad7402549186afb50ffcd77aa60e1b5f67af96495b9dd9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 02 May 2024 13:46:22 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-774wk
age: 845330
x-cache: HIT
content-length: 1688
x-served-by: cache-chi-klot8100093-CHI
last-modified: Fri, 04 Nov 2022 21:22:31 GMT
server: nginx/1.24.0
x-timer: S1685329762.646246,VS0,VE2
etag: "63658297-698"
content-type: image/png
x-styx-req-id: b999a066-e8ef-11ed-a69b-266b36fadd0e
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 funds.png
userouto.novemberrain.lol/sites/default/files/inline-images/ 2 KB
2 KB 348ms
340ms Image
image/png 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/inline-images/funds.png

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

a1245c74d12f28b590bf2ac65a4d3208a6f70c53690e34b86d43cc4aec0882bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Wed, 01 May 2024 12:33:16 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-nk5mx
age: 845330
x-cache: HIT
content-length: 1805
x-served-by: cache-chi-klot8100157-CHI
last-modified: Fri, 04 Nov 2022 21:22:32 GMT
server: nginx/1.24.0
x-timer: S1685329762.647001,VS0,VE2
etag: "63658298-70d"
content-type: image/png
x-styx-req-id: 590fda32-e81c-11ed-8145-2ecbc81e1adc
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 settings.png
userouto.novemberrain.lol/sites/default/files/inline-images/ 2 KB
3 KB 434ms
427ms Image
image/png 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/inline-images/settings.png

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

add15dc979f5fb1e6e6bfbd5010922b14bf9eaa026cd738a81a9f0f2f9a69c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Fri, 10 May 2024 05:48:23 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-f85ns
age: 845330
x-cache: HIT
content-length: 2342
x-served-by: cache-chi-kigq8000107-CHI
last-modified: Fri, 04 Nov 2022 21:22:32 GMT
server: nginx/1.24.0
x-timer: S1685329762.655050,VS0,VE3
etag: "63658298-926"
content-type: image/png
x-styx-req-id: 4681c3a1-eef6-11ed-b15e-3ee9926f5ec8
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 homepage-stats-bg.jpg
userouto.novemberrain.lol/sites/default/files/styles/homepage_stats_block_desktop_1440x689/public/ 63 KB
63 KB 311ms
304ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/styles/homepage_stats_block_desktop_1440x689/public/homepage-stats-bg.jpg?itok=yLPp7o_t

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

511f133763db7d1a8e9e60e7def69b2664d6232ff3305c394ce4b60c02c93af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Wed, 01 May 2024 13:34:52 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-5kdf8
age: 844478
x-cache: HIT
content-length: 64142
x-served-by: cache-chi-kigq8000145-CHI
last-modified: Fri, 04 Nov 2022 20:59:19 GMT
server: nginx/1.24.0
x-timer: S1685329762.644279,VS0,VE3
etag: "63657d27-fa8e"
content-type: image/jpeg
x-styx-req-id: f3a09b32-e824-11ed-a139-fa0d7fa6cc3c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 MSF246075.jpg
userouto.novemberrain.lol/sites/default/files/styles/collection_block_desktop_666_519/public/image_base_media/2020/07/ 24 KB
24 KB 385ms
379ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/styles/collection_block_desktop_666_519/public/image_base_media/2020/07/MSF246075.jpg?itok=dhL0KUCM

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

be28728d2d9acb8af7e395711558af7cd95441c7be3856aea4ee3184a6c065f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 26 May 2024 18:05:23 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-a-586f84c7d4-gf646
age: 205438
x-cache: HIT
content-length: 24171
x-served-by: cache-chi-kigq8000043-CHI
last-modified: Fri, 26 May 2023 18:04:43 GMT
server: nginx/1.24.0
x-timer: S1685329762.646997,VS0,VE6
etag: "6470f4bb-5e6b"
content-type: image/jpeg
x-styx-req-id: e240f7aa-fbef-11ed-800e-e6bf374b6cda
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 MSF288879.jpg
userouto.novemberrain.lol/sites/default/files/image_base_media/2019/11/ 363 KB
364 KB 436ms
429ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/image_base_media/2019/11/MSF288879.jpg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

1968797feeb7299ced9f755a33a5c4cadf9a19a20b78b2887b7e1cfda9e03442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sat, 25 May 2024 23:13:32 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-a-586f84c7d4-gf646
age: 273349
x-cache: HIT
content-length: 371767
x-served-by: cache-chi-klot8100127-CHI
last-modified: Fri, 04 Nov 2022 21:19:31 GMT
server: nginx/1.24.0
x-timer: S1685329762.673732,VS0,VE10
etag: "636581e3-5ac37"
content-type: image/jpeg
x-styx-req-id: c497d806-fb51-11ed-800e-e6bf374b6cda
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 MSB145970.jpg
userouto.novemberrain.lol/sites/default/files/image_base_media/2023/05/ 260 KB
260 KB 400ms
393ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/image_base_media/2023/05/MSB145970.jpg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

b6979e6df6de3479cee7b8e302e95c6887e7caf4756536272033cf159f331d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Fri, 24 May 2024 14:38:09 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-776b9fc699-s7t4d
age: 390672
x-cache: HIT
content-length: 266009
x-served-by: cache-chi-klot8100063-CHI
last-modified: Tue, 23 May 2023 17:20:45 GMT
server: nginx/1.24.0
x-timer: S1685329762.652909,VS0,VE3
etag: "646cf5ed-40f19"
content-type: image/jpeg
x-styx-req-id: 9ac60073-fa40-11ed-bb47-169488d2c884
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 MSB157438.jpg
userouto.novemberrain.lol/sites/default/files/image_base_media/2023/05/ 649 KB
650 KB 436ms
429ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/image_base_media/2023/05/MSB157438.jpg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

3291a8dda2b3526374424813e602f0976e357f49a57c17eff110cf88e66d8d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Fri, 24 May 2024 20:54:10 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-a-74685747f-qxwjl
age: 368111
x-cache: HIT
content-length: 664202
x-served-by: cache-chi-kigq8000114-CHI
last-modified: Mon, 22 May 2023 20:57:05 GMT
server: nginx/1.24.0
x-timer: S1685329762.657095,VS0,VE13
etag: "646bd721-a228a"
content-type: image/jpeg
x-styx-req-id: 21cce87f-fa75-11ed-90f5-623b4e28b977
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 MSB157431.jpg
userouto.novemberrain.lol/sites/default/files/image_base_media/2023/05/ 833 KB
835 KB 434ms
427ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/image_base_media/2023/05/MSB157431.jpg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

72d9545193a0d3a09eecde08fa10a652297cb3cd0a780e5c07c8a5e3e803ebd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Wed, 22 May 2024 21:46:14 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-776b9fc699-h59mx
age: 537787
x-cache: HIT
content-length: 853254
x-served-by: cache-chi-klot8100153-CHI
last-modified: Mon, 22 May 2023 21:33:02 GMT
server: nginx/1.24.0
x-timer: S1685329762.654559,VS0,VE7
etag: "646bdf8e-d0506"
content-type: image/jpeg
x-styx-req-id: 1336eda1-f8ea-11ed-9990-56319798e9a9
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 MSF163911%28High%29_0.jpg
userouto.novemberrain.lol/sites/default/files/styles/media_besides_text_666_520/public/ 53 KB
53 KB 435ms
429ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/styles/media_besides_text_666_520/public/MSF163911%28High%29_0.jpg?itok=BA0mouoX

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

f86e410254aa1f9ffcf3b4ec2aeb34f6f3e9ccd5e336274c24b15866321f89df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 16 May 2024 07:32:19 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-9qvtk
age: 844478
x-cache: HIT
content-length: 54151
x-served-by: cache-chi-kigq8000048-CHI
last-modified: Fri, 04 Nov 2022 20:59:19 GMT
server: nginx/1.24.0
x-timer: S1685329762.666936,VS0,VE2
etag: "63657d27-d387"
content-type: image/jpeg
x-styx-req-id: c9f02df8-f3bb-11ed-81b0-262a902377ef
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 MSF245141.jpg
userouto.novemberrain.lol/sites/default/files/styles/media_besides_text_666_520/public/image_base_media/2018/10/ 28 KB
28 KB 434ms
428ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/styles/media_besides_text_666_520/public/image_base_media/2018/10/MSF245141.jpg?itok=hKLZxzjN

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

85dac1b05a9c46d072b65226ede0449fae1edc0c754a2ab596dd4f41107642cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 16 May 2024 11:10:35 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-g7pw4
age: 844477
x-cache: HIT
content-length: 28193
x-served-by: cache-chi-klot8100079-CHI
last-modified: Fri, 04 Nov 2022 20:59:20 GMT
server: nginx/1.24.0
x-timer: S1685329762.663517,VS0,VE2
etag: "63657d28-6e21"
content-type: image/jpeg
x-styx-req-id: 482abc96-f3da-11ed-9b20-feb782772cc1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 IMG_2132_0.jpeg
userouto.novemberrain.lol/sites/default/files/styles/thumbnail_grid_card_279x174/public/ 13 KB
14 KB 434ms
428ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/styles/thumbnail_grid_card_279x174/public/IMG_2132_0.jpeg?itok=rbX28pwh

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

93b21afa249940f18b6d753fc0d4f0bb26abc5e9e36f04157f1f844d6aa3330a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Mon, 13 May 2024 05:02:09 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-5fb758f6db-kp858
age: 844477
x-cache: HIT
content-length: 13648
x-served-by: cache-chi-kigq8000115-CHI
last-modified: Fri, 04 Nov 2022 21:00:00 GMT
server: nginx/1.24.0
x-timer: S1685329762.662348,VS0,VE2
etag: "63657d50-3550"
content-type: image/jpeg
x-styx-req-id: 50cae43f-f14b-11ed-a7c2-aad0437a2b3f
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2010-02%20HRO%20Rogier%20Speaking%20to%20Recruitment%20Info%20Session%20Attendee%20in%20Orlando_0.jpg
userouto.novemberrain.lol/sites/default/files/styles/thumbnail_grid_card_279x174/public/ 9 KB
9 KB 377ms
371ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/styles/thumbnail_grid_card_279x174/public/2010-02%20HRO%20Rogier%20Speaking%20to%20Recruitment%20Info%20Session%20Attendee%20in%20Orlando_0.jpg?itok=sidt3-zP

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

5f8705787aa128d5b15d766dab7a7977e9f969959962698923c8b15568aad1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 16 May 2024 11:10:35 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-kq87c
age: 844477
x-cache: HIT
content-length: 8995
x-served-by: cache-chi-kigq8000038-CHI
last-modified: Fri, 04 Nov 2022 21:00:00 GMT
server: nginx/1.24.0
x-timer: S1685329762.649016,VS0,VE3
etag: "63657d50-2323"
content-type: image/jpeg
x-styx-req-id: 4831c221-f3da-11ed-b12e-0e83b74ed442
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 MSF196715.jpg
userouto.novemberrain.lol/sites/default/files/styles/thumbnail_grid_card_279x174/public/image_base_media/2018/10/ 11 KB
11 KB 431ms
426ms Image
image/jpeg 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/styles/thumbnail_grid_card_279x174/public/image_base_media/2018/10/MSF196715.jpg?itok=m7pkRLO7

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

3a7e7d370f249606227cbf9136005dca302328ca0e86520bd58ce3f4077e969e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 23 May 2024 15:21:03 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-a-74685747f-kjnws
age: 474498
x-cache: HIT
content-length: 11035
x-served-by: cache-chi-kigq8000046-CHI
last-modified: Fri, 04 Nov 2022 21:00:00 GMT
server: nginx/1.24.0
x-timer: S1685329762.654835,VS0,VE3
etag: "63657d50-2b1b"
content-type: image/jpeg
x-styx-req-id: 6e78d471-f97d-11ed-b52c-c23463f92f27
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 msf-awards.png
userouto.novemberrain.lol/sites/default/files/ 30 KB
30 KB 432ms
427ms Image
image/png 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/sites/default/files/msf-awards.png

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

7d17ccafdf7f27acde8f67660f25ce5fa15ed757de46311aebbf25cec29a7686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Fri, 17 May 2024 05:55:09 GMT
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-dxgnc
age: 844477
x-cache: HIT
content-length: 30334
x-served-by: cache-chi-klot8100119-CHI
last-modified: Fri, 04 Nov 2022 21:23:25 GMT
server: nginx/1.24.0
x-timer: S1685329762.654544,VS0,VE4
etag: "636582cd-767e"
content-type: image/png
x-styx-req-id: 61e839ce-f477-11ed-8f4e-e2506d99af3b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js_6ACCwpxlyy6-RpouvjHB_Z6uzZEqtbn3MK6GLcZ0qi0.js Show response
userouto.novemberrain.lol/sites/default/files/js/ 180 KB
66 KB 249ms
244ms Script
application/x-javascript 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL

https://userouto.novemberrain.lol/sites/default/files/js/js_6ACCwpxlyy6-RpouvjHB_Z6uzZEqtbn3MK6GLcZ0qi0.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

e80082c29c65cb2ebe469a2ebe31c1fd9eaecd912ab5b9f730ae862dc674aa2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Wed, 15 May 2024 03:11:06 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 845583
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-5fb758f6db-wkdch
content-length: 67036
x-served-by: cache-chi-klot8100100-CHI
last-modified: Mon, 15 May 2023 03:01:25 GMT
server: nginx/1.24.0
x-timer: S1685329762.627357,VS0,VE4
etag: W/"6461a085-2cf0a"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 21ddd260-f2ce-11ed-b09b-62c51595e40a
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js_SYQ7cVtE79J6xjy9ITXG0I-y7um2gm64i5djn4qgQ0Y.js Show response
userouto.novemberrain.lol/sites/default/files/js/ 7 KB
4 KB 298ms
293ms Script
application/x-javascript 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL

https://userouto.novemberrain.lol/sites/default/files/js/js_SYQ7cVtE79J6xjy9ITXG0I-y7um2gm64i5djn4qgQ0Y.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

49843b715b44efd27ac63cbd2135c6d08fb2eee9b6826eb88b97639f8aa04346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 23 May 2024 09:24:01 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 495920
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-776b9fc699-zh4xn
content-length: 3200
x-served-by: cache-chi-klot8100134-CHI
last-modified: Mon, 15 May 2023 03:01:26 GMT
server: nginx/1.24.0
x-timer: S1685329762.635794,VS0,VE5
etag: W/"6461a086-1d52"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 8decfdeb-f94b-11ed-8240-aa191271dde9
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 58ms
22ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 32562
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
server: cloudflare
etag: W/"c04-5f1f2ae2e431b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7ceb89c20e153667-FRA

GET
H2 200 js_3rGINaSwRloCdx4_-AY2EicnDaHFUxu6gk8JB8Mpg3I.js Show response
userouto.novemberrain.lol/sites/default/files/js/ 2 KB
1 KB 246ms
242ms Script
application/x-javascript 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL

https://userouto.novemberrain.lol/sites/default/files/js/js_3rGINaSwRloCdx4_-AY2EicnDaHFUxu6gk8JB8Mpg3I.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

deb18835a4b0465a02771e3ff806361227270da1c5531bba824f0907c3298372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 16 May 2024 05:52:21 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 845583
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-9qvtk
content-length: 759
x-served-by: cache-chi-klot8100102-CHI
last-modified: Mon, 15 May 2023 03:01:26 GMT
server: nginx/1.24.0
x-timer: S1685329762.629653,VS0,VE1
etag: W/"6461a086-7fd"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: d3063b12-f3ad-11ed-81b0-262a902377ef
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 / Show response
4bbb217ea6254403aa185676f44c955f.js.ubembed.com/ 497 B
769 B 162ms
122ms Script
application/json 151.101.129.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://4bbb217ea6254403aa185676f44c955f.js.ubembed.com/
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bfe1ff2b4a13e4d104ed667fb1942de59ae436e9e5c833a8632ce70698c64280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: FRA56-P3
age: 0
etag: W/26c6d504ef2d0bc7e4fb615a1a78bb12-v0.180.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: FqiXTHEADoEFaHA=

GET
H2 200 js_H76ay3Lp2sEwMQzVINS5tHtg4M8TShBvjEAn2iNozGs.js Show response
userouto.novemberrain.lol/sites/default/files/js/ 135 KB
45 KB 302ms
297ms Script
application/x-javascript 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL

https://userouto.novemberrain.lol/sites/default/files/js/js_H76ay3Lp2sEwMQzVINS5tHtg4M8TShBvjEAn2iNozGs.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

1fbe9acb72e9dac130310cd520d4b9b47b60e0cf134a106f8c4027da2368cc6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Fri, 24 May 2024 11:24:51 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 402270
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-74685747f-p8cl4
content-length: 45094
x-served-by: cache-chi-klot8100059-CHI
last-modified: Mon, 15 May 2023 03:01:27 GMT
server: nginx/1.24.0
x-timer: S1685329762.639662,VS0,VE3
etag: W/"6461a087-21a8b"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 99c15a4a-fa25-11ed-9822-36b3461bb6e3
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 43d268f2208a5419f79d4e637bafb97a74a37c24.js Show response
my.hellobar.com/ 14 KB
4 KB 280ms
221ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/43d268f2208a5419f79d4e637bafb97a74a37c24.js
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2e9ffe6408d315a1714d77836adfcadfae09ea7f16b64917f5c398c1f167b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 28 May 2023 10:42:20 GMT
server: cloudflare
x-amz-request-id: 8B808BSXBJA72ZGT
etag: W/"e956d239d55fed6575c875454f5aadb9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 7ceb89c229c81d92-FRA
x-amz-id-2: nsenRJ8DPx+W6FiosatwQthWowmkmbnhIxpm7QZWTBjwkC5wtggYt5GmhNETNS/5dn4tuBPCuQc=

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 118 KB
46 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-K5Q6FPH&cid=2037264111.1685329762

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

272d70a4e90533a68eb205eacbe7f33a80d33e921c387a01c434f4f065587bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 03:09:21 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 105ms
10ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 05 Jun 2023 03:09:21 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/590821781/ 3 KB
2 KB 157ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590821781/?random=1685329761783&cv=11&fst=1685329761783&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&label=GM7DCK7mtf8BEJXz3JkC&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&auid=678029649.1685329762&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4385e90fa0aa28cbc339850c4e9a38e30ee04688f3c887de15a384d51f9598a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10816769591/ 3 KB
2 KB 156ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10816769591/?random=1685329761788&cv=11&fst=1685329761788&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&label=hkcwCOrtuIYDELec66Uo&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&auid=678029649.1685329762&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01b4060f6ed05c08974913a5ee1e7c38fb5159e2e9b309ca4d91092f3fd720d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 90ms
9ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=62482
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 73ms
8ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220057-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 85ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c5100cd90a95aa459fe237adc409043e20f8fd06caa5cd3b74d66f79387ae0fb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 May 2023 03:09:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27498
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vEWamttJZhTT+do1zfGFS1gkJyeC92MT4OqeigOaUTAkO+Zq/FKyghEMCa+uwSNRGx67qqelimMVjlsLlGq/Ig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 48 KB
18 KB 152ms
51ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

754acb7f1683954de7697922bdf7d8c246e3ed168174c82eacf186bafa933915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18110
x-xss-protection: 0
server: cafe
etag: 565598911584574198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 29 May 2023 03:09:21 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 114ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 29 May 2023 03:09:21 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5251E249E8634394A05F8908E5AEA53A Ref B: FRAEDGE2014 Ref C: 2023-05-29T03:09:21Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 scevent.min.js Show response
sc-static.net/ 33 KB
15 KB 102ms
37ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 704d84bb9b6b9ae3ae19d749a6bd0abb9ba6fd1e1750a4347113788000f7dfa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 14474
x-amz-cf-id: HCqRFVwOi4VhXR7PpercEBTdTEC4oZIpNrfPO57e7oEe7HmqmVWtlg==

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 39ms
10ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 17 KB
7 KB 94ms
26ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:16 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: XBMJTK62QQYQH136
age: 6
x-amz-server-side-encryption: AES256
content-length: 6104
x-amz-id-2: tTwCYGrVvc3FHOCesCMXDbRSPi5XNF0jeXxHmNVFPg25Af4EYyrqXwYJzOH8vNc1d2X0sO8XIA0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 rmst.js Show response
assets.gospringboard.io/v1/ 3 KB
3 KB 112ms
14ms Script
application/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gospringboard.io/v1/rmst.js?brand_url=rms.gospringboard.io&app_id=gfHDYeacwZcc
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cabaee9065b0bd4b54afe25a8c23ce70e7f48ac39d9389d5001d185aa2d1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:05:48 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Mon, 25 Sep 2017 15:16:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 39814
etag: "8d3f342e650866222301c7dd10419efd"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2875
x-amz-cf-id: UEotTiCdu5r0VPqsK5dsPZ5afUTJQXxK7xirrRWC-yYqi1PsxQSSLw==

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame A6DA
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D1ab1dab3-3f1f-fde7-6bbb-bf7206aa7e5a%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.doctorswithoutborders.org/&ex-hargs=v%3D1.0%3Bc...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D1ab1dab3-3f1f-fde7-6bbb-bf7206aa7e5a%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.doctorswithoutborders.org/&ex-hargs=v%3D1.0%3Bc...

1 KB
2 KB

141ms
137ms

Document
text/html

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D1ab1dab3-3f1f-fde7-6bbb-bf7206aa7e5a%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.doctorswithoutborders.org/&ex-hargs=v%3D1.0%3Bc%3D9098931520801%3Bp%3D1AB1DAB3-3F1F-FDE7-6BBB-BF7206AA7E5A&cb=467878604342963000&dcc=t

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

3ca0c58949bc5722a3f490f43613ffd43afa90e675860ff5af41cb8f4d8da20c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://userouto.novemberrain.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1496
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 29 May 2023 03:09:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZM5NRVQMQF5GXTBCK8Q2

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 29 May 2023 03:09:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D1ab1dab3-3f1f-fde7-6bbb-bf7206aa7e5a%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.doctorswithoutborders.org/&ex-hargs=v%3D1.0%3Bc%3D9098931520801%3Bp%3D1AB1DAB3-3F1F-FDE7-6BBB-BF7206AA7E5A&cb=467878604342963000&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 88DF1GN0WRBA4EZWZDJH

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 19 KB
7 KB 102ms
23ms Script
application/javascript 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b0cc9a2cf38a0cc4dca290f198ff87deeaa70dbb397165d15b5e7a69efc018c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 29 May 2023 03:09:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Apr 2023 14:48:36 GMT
Server: AmazonS3
x-amz-request-id: 5VFBACZMTT3BSWX4
ETag: "923b974ca0644de79e6688ce2d4bbaab"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=87
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6433
x-amz-id-2: h1y13rh6cFi3mLKh66u0RI8/HK0zhzA+H8zwoqv4JpusC5U28KU6NZBxhxNvjY6jySE+RQV9R3A=

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 364ms
115ms Script
text/javascript 54.175.167.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.167.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-167-136.compute-1.amazonaws.com
Software: /
Resource Hash: 5f1b9d0b9bbcb9cb68eca37e238a23a17874eb6da5be653d16988c3e104bbd61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 May 2023 03:09:22 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 50ms
9ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 19:22:09 GMT
Content-Encoding: gzip
Via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 28033
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: Qaz6urcOZ8QuMh9md1gdedUrs_58owYAwa9Ia50UT2oZwjNE0abYlg==

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 102ms
18ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 326532
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 8f62305b4bc3fc4707d28e2fc439c0f6

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 14 KB
4 KB 495ms
104ms Script
application/javascript 52.7.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33760&tdr=&plh=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cb=45995568023416180term=value
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-151-245.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 9b9207f2f5e1bc2e372972a623a948cf1d1f80fba52714bd811e6913519eb62c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 2
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 58ms
54ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9764BMZSVR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e73bca8212902da66af262a207df3ae8596744fb58d4124023b09d451e92df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 03:09:21 GMT

GET
H/1.1

200
OK

/
trkn.us/pixel/conv/ppt=20191;g=donations;gid=47252;rev=;ord=/
Redirect Chain

https://trkn.us/pixel/conv/ppt=20191;g=donations;gid=47252;rev=;ord=/?gtmcb=1406897840
https://trkn.us/pixel/conv/ppt=20191;g=donations;gid=47252;rev=;ord=/?gtmcb=1406897840;ip=185.213.155.151;cuidchk=1

42 B
780 B

1021ms
1020ms

Image
image/gif

54.144.30.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=20191;g=donations;gid=47252;rev=;ord=/?gtmcb=1406897840;ip=185.213.155.151;cuidchk=1

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

HTTP/1.1

Server

54.144.30.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-30-117.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Mon, 29 May 2023 03:09:22 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=20191;g=donations;gid=47252;rev=;ord=/?gtmcb=1406897840;ip=185.213.155.151;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 443ms
110ms Image
image/gif 52.21.14.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=content&pixid=bbd64973-ba68-490a-aff0-94b8f4bfcab7&gtmcb=1915830301
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.14.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-14-181.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 t.png
pix.pub/ 68 B
413 B 65ms
9ms Image
image/png 52.222.236.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.pub/t.png?&t=1685329761820&l=tvscientific-pix-o-769fe944-785c-44d2-acf4-bd79a020c877&u3=https%3A%2F%2Fuserouto.novemberrain.lol%2F
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 14:20:09 GMT
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 14:38:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 46154
x-amz-server-side-encryption: AES256
etag: "8e31b8b47c618ed73e5b31011d1de037"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 68
x-amz-cf-id: BAPG3KMbXQXiuVb0ztcI3MrLkovyYajJgGJXXdXn4ViGKIWJI-Z-sw==

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v32/ 30 KB
30 KB 159ms
77ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v32/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bitter:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee034a6cfa166960dac8b3faed99d2f0393468053f3e32d1c80c677d549f38a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://userouto.novemberrain.lol
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:35 GMT
x-content-type-options: nosniff
age: 535846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30892
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 17:46:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 May 2024 22:18:35 GMT

GET
H2 200 arrow-right-black.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/ 190 B
656 B 317ms
316ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/arrow-right-black.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

b3b59c4ad52bea1bb816fdbb0d94c834fccf723b80ccd26878811a89d68b42f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-qgxsm
content-length: 167
x-served-by: cache-chi-klot8100048-CHI
last-modified: Fri, 19 May 2023 07:31:38 GMT
server: nginx/1.24.0
x-timer: S1685329762.904909,VS0,VE3
etag: W/"646725da-be"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 018709a8-f620-11ed-b0c0-c2c706fe7fb1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 header-search-icon.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/ 309 B
715 B 377ms
377ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/header-search-icon.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

e79bb1abbc7abb7e99989699b08d664e75c304396eeef74206270f3e64df4414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 23 May 2024 05:13:08 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 510974
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-74685747f-99lfv
content-length: 225
x-served-by: cache-chi-kigq8000115-CHI
last-modified: Mon, 22 May 2023 03:57:10 GMT
server: nginx/1.24.0
x-timer: S1685329762.950978,VS0,VE2
etag: W/"646ae816-135"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 8160b659-f928-11ed-bd24-a22ee8f6346c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 arrow-right-color-white.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/ 197 B
661 B 312ms
311ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/arrow-right-color-white.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

3dd76bc7712b8e7b2c6437fb5ee592edfcb5f6095c4b54ed2f6b13b4f04d8bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-k2tnc
content-length: 170
x-served-by: cache-chi-kigq8000033-CHI
last-modified: Fri, 19 May 2023 07:31:36 GMT
server: nginx/1.24.0
x-timer: S1685329762.914746,VS0,VE3
etag: W/"646725d8-c5"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 0186c27b-f620-11ed-b838-ca1b852198c8
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 icon-news-red.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/ 924 B
915 B 313ms
305ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/icon-news-red.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

9140965a79007b803abcbe7975aa4cd843ff3940613fe6bd4aafc9206263fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-k2tnc
content-length: 424
x-served-by: cache-chi-klot8100178-CHI
last-modified: Fri, 19 May 2023 07:31:40 GMT
server: nginx/1.24.0
x-timer: S1685329762.923460,VS0,VE6
etag: W/"646725dc-39c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 01873797-f620-11ed-b838-ca1b852198c8
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 icon-story-red.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/ 867 B
836 B 312ms
305ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/icon-story-red.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

b5a7688ddc9940927ee3570729224861d9d9e5783f718adc26a0d887d26a03a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-9qvtk
content-length: 345
x-served-by: cache-chi-klot8100142-CHI
last-modified: Fri, 19 May 2023 07:31:37 GMT
server: nginx/1.24.0
x-timer: S1685329762.922620,VS0,VE6
etag: W/"646725d9-363"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 0186d2a3-f620-11ed-81b0-262a902377ef
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 facebook.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/ 574 B
822 B 313ms
306ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/facebook.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

9feae130e6a32a30244b79ccbaed4ccd6cff03a85318b505deb76e09be5ef52c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-qgxsm
content-length: 332
x-served-by: cache-chi-klot8100043-CHI
last-modified: Fri, 19 May 2023 07:31:37 GMT
server: nginx/1.24.0
x-timer: S1685329762.920701,VS0,VE4
etag: W/"646725d9-23e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 0186e4a0-f620-11ed-b0c0-c2c706fe7fb1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 twitter.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/ 1 KB
1 KB 329ms
323ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/twitter.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

5e99b03ae9d10aab7c83873f900d60866460c3624f14f1f47e1af750b6e2446f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-qgxsm
content-length: 673
x-served-by: cache-chi-klot8100020-CHI
last-modified: Fri, 19 May 2023 07:31:40 GMT
server: nginx/1.24.0
x-timer: S1685329762.940393,VS0,VE2
etag: W/"646725dc-523"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 018c1bce-f620-11ed-b0c0-c2c706fe7fb1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 instagram.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/ 5 KB
3 KB 313ms
306ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/instagram.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

a4295846504ee0fa4d262411d4f0ed450f8acc152db4eb1bec5c6f07db0273c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-qgxsm
content-length: 2189
x-served-by: cache-chi-kigq8000177-CHI
last-modified: Fri, 19 May 2023 07:31:37 GMT
server: nginx/1.24.0
x-timer: S1685329762.928122,VS0,VE4
etag: W/"646725d9-1233"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 018c205d-f620-11ed-b0c0-c2c706fe7fb1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 youtube.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/ 1 KB
1 KB 307ms
301ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/youtube.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

22d4b861bf339d524ff8e0fb180120cd4cda36278df19e2c3786b95815106857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-qcct8
content-length: 544
x-served-by: cache-chi-kigq8000097-CHI
last-modified: Fri, 19 May 2023 07:31:38 GMT
server: nginx/1.24.0
x-timer: S1685329762.917621,VS0,VE2
etag: W/"646725da-4b8"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 018c25d7-f620-11ed-bc65-7ae5428c231e
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 linkedin.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/ 965 B
998 B 367ms
361ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/linkedin.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

65fd05594c180e270988f3b29ce7b4227336d34ed3fa086575729cd872a5fb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-kq87c
content-length: 507
x-served-by: cache-chi-kigq8000160-CHI
last-modified: Fri, 19 May 2023 07:31:37 GMT
server: nginx/1.24.0
x-timer: S1685329762.959082,VS0,VE16
etag: W/"646725d9-3c5"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 018c1b3c-f620-11ed-b12e-0e83b74ed442
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 medium.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/ 1 KB
1 KB 310ms
304ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/social/medium.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

ae3e692e2a584c5c4c1cf0a1d4d8fb7d6ba0b00794ca7f05c56b2d24221dc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-dxgnc
content-length: 566
x-served-by: cache-chi-klot8100121-CHI
last-modified: Fri, 19 May 2023 07:31:37 GMT
server: nginx/1.24.0
x-timer: S1685329762.923529,VS0,VE4
etag: W/"646725d9-411"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 018c6bae-f620-11ed-8f4e-e2506d99af3b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 facebook.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/ 574 B
822 B 309ms
307ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/facebook.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

9feae130e6a32a30244b79ccbaed4ccd6cff03a85318b505deb76e09be5ef52c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 07:32:41 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-qcct8
content-length: 332
x-served-by: cache-chi-klot8100084-CHI
last-modified: Fri, 19 May 2023 07:31:36 GMT
server: nginx/1.24.0
x-timer: S1685329762.930346,VS0,VE12
etag: W/"646725d8-23e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 569ea6a8-f617-11ed-bc65-7ae5428c231e
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 twitter.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/ 1 KB
1 KB 306ms
305ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/twitter.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

5e99b03ae9d10aab7c83873f900d60866460c3624f14f1f47e1af750b6e2446f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 23 May 2024 05:12:17 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 511025
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-776b9fc699-zh4xn
content-length: 673
x-served-by: cache-chi-kigq8000102-CHI
last-modified: Mon, 22 May 2023 05:15:35 GMT
server: nginx/1.24.0
x-timer: S1685329762.927644,VS0,VE9
etag: W/"646afa77-523"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 62f08c7b-f928-11ed-8240-aa191271dde9
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 instagram.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/ 5 KB
3 KB 360ms
359ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/instagram.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

a4295846504ee0fa4d262411d4f0ed450f8acc152db4eb1bec5c6f07db0273c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 23 May 2024 08:12:21 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 500221
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-776b9fc699-zh4xn
content-length: 2189
x-served-by: cache-chi-kigq8000107-CHI
last-modified: Mon, 22 May 2023 07:15:26 GMT
server: nginx/1.24.0
x-timer: S1685329762.946315,VS0,VE4
etag: W/"646b168e-1233"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 8abd002d-f941-11ed-8240-aa191271dde9
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 youtube.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/ 1 KB
1 KB 358ms
348ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/youtube.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

22d4b861bf339d524ff8e0fb180120cd4cda36278df19e2c3786b95815106857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-9qvtk
content-length: 544
x-served-by: cache-chi-klot8100102-CHI
last-modified: Fri, 19 May 2023 07:31:38 GMT
server: nginx/1.24.0
x-timer: S1685329762.945514,VS0,VE2
etag: W/"646725da-4b8"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 01918980-f620-11ed-81b0-262a902377ef
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 linkedin.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/ 965 B
998 B 303ms
293ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/linkedin.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

65fd05594c180e270988f3b29ce7b4227336d34ed3fa086575729cd872a5fb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-a-6d58bdc5b-dxgnc
content-length: 507
x-served-by: cache-chi-kigq8000163-CHI
last-modified: Fri, 19 May 2023 07:31:40 GMT
server: nginx/1.24.0
x-timer: S1685329762.929505,VS0,VE2
etag: W/"646725dc-3c5"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 0191f0db-f620-11ed-8f4e-e2506d99af3b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 medium.svg
userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/ 1 KB
1 KB 357ms
347ms Image
image/svg+xml 195.88.24.26
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userouto.novemberrain.lol/themes/custom/msf/pattern-lab/source/images/icons/medium.svg

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.88.24.26 Chicago, United States, ASN36007 (KAMATERA, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

ae3e692e2a584c5c4c1cf0a1d4d8fb7d6ba0b00794ca7f05c56b2d24221dc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/sites/default/files/css/css_boyMNKj1m3O0UM9hu49hT15KHj0VaImdKzdIxolXkUA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 19 May 2024 08:34:44 GMT
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31622400; includeSubDomains; preload
age: 844478
x-cache: HIT
x-pantheon-styx-hostname: styx-fe4-b-5957b97cc4-kq87c
content-length: 566
x-served-by: cache-chi-klot8100091-CHI
last-modified: Fri, 19 May 2023 07:31:36 GMT
server: nginx/1.24.0
x-timer: S1685329762.942261,VS0,VE2
etag: W/"646725d8-411"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 0191ade7-f620-11ed-b12e-0e83b74ed442
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 98ms
42ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://userouto.novemberrain.lol
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 22:13:59 GMT
x-content-type-options: nosniff
age: 104122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 22:13:59 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 62ms
62ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2114781233&t=pageview&_s=1&dl=https%3A%2F%2Fuserouto.novemberrain.lol%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAACAEK~&jid=905124886&gjid=415291745&cid=2037264111.1685329762&tid=UA-3903043-22&_gid=510503486.1685329762&_r=1&_slc=1&gtm=45He35o0n715JWTWV&cg1=Other&cd4=null&cd5=2037264111-1685329762&cd6=1685329761772.ii64sm29&cd7=GTM-5JWTWV%20-%20230&z=600527801

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://userouto.novemberrain.lol/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userouto.novemberrain.lol
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 51ms
49ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-K5Q6FPH&cv=161&v=3&t=t&pid=603087768&rv=35o0&es=1&e=gtm.init_consent&eid=-1&h=Ag&tc=2&dl=userouto.novemberrain.lol%2F&tdp=GTM-K5Q6FPH;;0;0;0&z=0

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 51ms
49ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=GTM-K5Q6FPH&cv=161&v=3&t=t&pid=603087768&rv=35o0&es=1&e=gtm.init_consent&eid=-1&h=Ag&tc=2&dl=userouto.novemberrain.lol%2F&tdp=GTM-K5Q6FPH;;0;0;0&z=0
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 54ms
53ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-K5Q6FPH&cv=161&v=3&t=t&pid=603087768&rv=35o0&es=1&e=gtm.init&eid=0&h=Ag&tc=2&z=0

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 64ms
62ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-K5Q6FPH&cv=161&v=3&t=t&pid=603087768&rv=35o0&es=1&e=*&eid=1&h=Ag&tc=2&z=0

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
47ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2114781233&t=pageview&_s=1&dl=https%3A%2F%2Fuserouto.novemberrain.lol%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAACAEK~&jid=&gjid=&cid=2037264111.1685329762&tid=UA-3903043-22&_gid=510503486.1685329762&gtm=45He35o0n715JWTWV&cg1=Other&cd4=null&cd5=2037264111-1685329762&cd6=1685329761781.00gjmxd6&cd7=GTM-5JWTWV%20-%20230&z=931545279

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 23:44:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12295
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-jWAbTrprH-6UR.js Show response
rules.quantcount.com/ 1 KB
1 KB 91ms
9ms Script
application/javascript 2600:9000:223c:8c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-jWAbTrprH-6UR.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc8530ea4ddaa58f89055cfe45cf74858650c40cc7d6d81aefb5600be61c2c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 02:45:33 GMT
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1430
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Nov 2022 20:31:02 GMT
server: AmazonS3
etag: W/"7d829ea191ce4495fb5694e0e871a5a8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: dHaJslfQFQVJgNckpiP0aR4yCxCgjO0DNLsVzb9xKv6KdKC1-nfxmA==

GET
H2 200 rules-p-CfFSbUjfpuC2c.js Show response
rules.quantcount.com/ 2 KB
2 KB 91ms
10ms Script
application/javascript 2600:9000:223c:8c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-CfFSbUjfpuC2c.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17f55f6ac6729273c93d0db2ef9708c9fb1f020d2587af6d8dda75cf4b6d7ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 02:45:33 GMT
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1430
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 15 Nov 2022 14:23:09 GMT
server: AmazonS3
etag: W/"19b2c0880e68b62fd3cad23ab062add6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: r5UmsNOakJFL_WsoonW7gAo8mSYtf00k6FCkOjokOciRubwdJnYY4w==

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 00B8 677 B
564 B 22ms
16ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://userouto.novemberrain.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2113109
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7ceb89c598973667-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 29 May 2023 03:09:22 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff

GET
H3 200 core.26680508.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 229ms
217ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.26680508.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://userouto.novemberrain.lol/
Origin: https://userouto.novemberrain.lol
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 11 Jan 2023 01:11:29 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"11452-5f1f2ae24215b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7ceb89c5af809b31-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 47ms
9ms Script
application/javascript 108.138.17.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: 4bbb217ea6254403aa185676f44c955f.js.ubembed.com
URL: https://4bbb217ea6254403aa185676f44c955f.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:37 GMT
content-encoding: gzip
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1413946
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: IPcbWJLMrbFWdJRH90tJzSE27csvvmWvLh3ms9dKxKokI88DJgSaRg==

GET
H2 200 /
www.google.com/pagead/1p-user-list/10816769591/ 42 B
455 B 158ms
52ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10816769591/?random=1685329761788&cv=11&fst=1685329200000&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&label=hkcwCOrtuIYDELec66Uo&frm=0&tiba=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&fmt=3&is_vtc=1&random=2944447416&rmt_tld=0&ipr=y

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10816769591/ 42 B
455 B 177ms
61ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10816769591/?random=1685329761788&cv=11&fst=1685329200000&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&label=hkcwCOrtuIYDELec66Uo&frm=0&tiba=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&fmt=3&is_vtc=1&random=2944447416&rmt_tld=1&ipr=y

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3915962/domain/userouto.novemberrain.lol/ 36 B
367 B 261ms
159ms XHR
application/json 2600:9000:20eb:ac00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3915962/domain/userouto.novemberrain.lol/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ac00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://userouto.novemberrain.lol/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: TtcBqmHc83ZQUNRFUlhRMwOMk9GB_9koZhI5tE8OC_05hBP6MbhcOA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3915962&time=1685329762233&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3915962&time=1685329762233&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3915962%26time%3D1685329762233%26url%3Dhttps%253A%252F%252Fuserouto.novemberrain....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3915962&time=1685329762233&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3915962&time=1685329762233&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cookiesTest=true&liSync=true&e_ipv6=AQL1HYZrJ7JL5AAAAYhle1pPNivOhaEwkJu...

0
266 B

257ms
143ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3915962&time=1685329762233&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cookiesTest=true&liSync=true&e_ipv6=AQL1HYZrJ7JL5AAAAYhle1pPNivOhaEwkJuJfCLYy50EeZHmQBAA4A1P_ky7V8-8wv3naCiB
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A5245F4FA18E4C13AB0AD4FF53297F14 Ref B: FRAEDGE1418 Ref C: 2023-05-29T03:09:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8zGncl6yXbyn+YgVA+Q==

Redirect headers

date: Mon, 29 May 2023 03:09:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F012B41101154DF286480E09AA47FEC9 Ref B: FRAEDGE1709 Ref C: 2023-05-29T03:09:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3915962&time=1685329762233&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cookiesTest=true&liSync=true&e_ipv6=AQL1HYZrJ7JL5AAAAYhle1pPNivOhaEwkJuJfCLYy50EeZHmQBAA4A1P_ky7V8-8wv3naCiB
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8zGnYrsQcIm6BUuG6cw==

GET
H2 200 adsct
t.co/1/i/ 43 B
226 B 157ms
120ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=a45f8200-e931-400f-90fc-516b7684a7b6&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=ed81be5e-78a3-4fd5-8d7d-c6dc5e578726&tw_document_href=https%3A%2F%2Fuserouto.novemberrain.lol%2F&tw_iframe_status=0&txn_id=nyanw&type=javascript&version=2.3.29

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 17b4b0e00aa129f1
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7eb53547cc9e74a2c9d15c8791163a6bcc75373ca5812143dfd8f35b8c6263c5
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
540 B 192ms
118ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=a45f8200-e931-400f-90fc-516b7684a7b6&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=ed81be5e-78a3-4fd5-8d7d-c6dc5e578726&tw_document_href=https%3A%2F%2Fuserouto.novemberrain.lol%2F&tw_iframe_status=0&txn_id=nyanw&type=javascript&version=2.3.29

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0fdfc408b850143d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5e9e3b546dab8c469f3e65e7f1f0a4b7847a4d68317aa93ce6d926fb9f60cf12
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
378 B 150ms
113ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=5&eci=2&event_id=49cd06e0-0ee3-4d70-876b-89472857bfc7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=ed81be5e-78a3-4fd5-8d7d-c6dc5e578726&tw_document_href=https%3A%2F%2Fuserouto.novemberrain.lol%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyanw&type=javascript&version=2.3.29

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 29 May 2023 03:09:21 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f849e3a1ef9fac19
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7eb53547cc9e74a2c9d15c8791163a6bcc75373ca5812143dfd8f35b8c6263c5
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 179ms
117ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=5&eci=2&event_id=49cd06e0-0ee3-4d70-876b-89472857bfc7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=ed81be5e-78a3-4fd5-8d7d-c6dc5e578726&tw_document_href=https%3A%2F%2Fuserouto.novemberrain.lol%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyanw&type=javascript&version=2.3.29

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 27464effc889bc0c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5e9e3b546dab8c469f3e65e7f1f0a4b7847a4d68317aa93ce6d926fb9f60cf12
content-length: 43

GET
H2 200 323153831229307 Show response
connect.facebook.net/signals/config/ 379 KB
108 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/323153831229307?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fb2bb5e65e819d72dd3267f270d16b79f9d943826b7be4c612aa4dd6c7ec3f2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 May 2023 03:09:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110319
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nMd0LfSN9SrXWcbv1bz6M04N8yOiQoalfjzvmQigNOCIII4JbIcu6yoQ0s67+7+xie1MqTO/Ppsa6/oF4desLA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 122ms
101ms Image
image/gif 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1685329762279&id=t2_6162lzoh&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=1099494f-5133-4b86-b286-d1b980559d75&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/590821781/ 42 B
108 B 54ms
53ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/590821781/?random=1685329761783&cv=11&fst=1685329200000&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&label=GM7DCK7mtf8BEJXz3JkC&frm=0&tiba=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&fmt=3&is_vtc=1&random=336549776&rmt_tld=0&ipr=y

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/590821781/ 42 B
108 B 52ms
51ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/590821781/?random=1685329761783&cv=11&fst=1685329200000&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&label=GM7DCK7mtf8BEJXz3JkC&frm=0&tiba=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&fmt=3&is_vtc=1&random=336549776&rmt_tld=1&ipr=y

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5438331.js Show response
bat.bing.com/p/action/ 0
136 B 105ms
102ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5438331.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 29 May 2023 03:09:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D75DF269EBDB4CEB8393C864F470A9D1 Ref B: FRAEDGE2014 Ref C: 2023-05-29T03:09:22Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 26343063.js Show response
bat.bing.com/p/action/ 0
117 B 109ms
107ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26343063.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 29 May 2023 03:09:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 72DF1C59B19A4FFBA8DFF219D36F6269 Ref B: FRAEDGE2014 Ref C: 2023-05-29T03:09:22Z
x-cache: CONFIG_NOCACHE

GET
H2 204 18000052.js Show response
bat.bing.com/p/action/ 0
118 B 109ms
108ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/18000052.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 29 May 2023 03:09:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B963B77DE992412993D1C66ED7CEBB04 Ref B: FRAEDGE2014 Ref C: 2023-05-29T03:09:22Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/954403982/ 3 KB
2 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954403982/?random=1685329762290&cv=9&fst=1685329762290&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&tiba=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b064d595f94041974d37017a1ed1dff0501e772fe7fcd092c53afe972d5c10a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1411
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10140667.json Show response
s.yimg.com/wi/config/ 2 B
486 B 173ms
126ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10140667.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: YG2JFJBB3Y686DWG
age: 0
content-length: 22
x-amz-id-2: J0p6PQ9TryfbZlmZtKgXREYVnVPhxKUmTs0XvunMzxh4x6Pwra9MLpQvyotUsyK8VDHTV8O2NTY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 52ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9764BMZSVR&gtm=45je35o0&_p=2114781233&cid=2037264111.1685329762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dl=https%3A%2F%2Fuserouto.novemberrain.lol%2F&dt=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&dp=%2F&sid=1685329762&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&ep.client_container_info=GTM-5JWTWV%20v230&ep.client_timestamp_iso=2023-05-29T03%3A09%3A21.791%2B00%3A00&ep.client_timezone=0&ep.value=&up.last_timezone=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9764BMZSVR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userouto.novemberrain.lol
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.js Show response
my.hellobar.com/ 254 KB
73 KB 31ms
31ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/43d268f2208a5419f79d4e637bafb97a74a37c24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7181f66fd7038a68b26cbb290d8af50cbcce22e24737373fe69bb8f925a5fd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8JYR94GCSAFBM3AB
age: 783
cf-polished: origSize=260636
x-amz-server-side-encryption: AES256
x-amz-id-2: 0DhwqkGN9WfFLu7hqLIyYmWnGfJELAhstoJe89500nIM8/zjra3l+2f9e8Q7iP9+3yXx4MLLFcY=
cf-bgj: minify
last-modified: Tue, 21 Mar 2023 14:22:08 GMT
server: cloudflare
etag: W/"15367a2c7f16f7a1e7b3409dd910b082"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 7ceb89c6dd591d92-FRA

GET
H2 204 0
bat.bing.com/action/ 0
285 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5438331&Ver=2&mid=00caa8b3-2266-4167-baf8-b20a67c2824e&sid=35af9e90fdce11ed99fbc52e6e962acc&vid=35afc1c0fdce11ed8ea3ed732047a98a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&p=https%3A%2F%2Fuserouto.novemberrain.lol%2F&r=&lt=1412&evt=pageLoad&sv=1&rn=312492

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 May 2023 03:09:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B66087ADF2C47DB9174EE5C3B593861 Ref B: FRAEDGE2014 Ref C: 2023-05-29T03:09:22Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
227 B 78ms
77ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26343063&Ver=2&mid=9317319d-dea3-44c7-9f75-388563d31272&sid=35af9e90fdce11ed99fbc52e6e962acc&vid=35afc1c0fdce11ed8ea3ed732047a98a&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&p=https%3A%2F%2Fuserouto.novemberrain.lol%2F&r=&lt=1412&evt=pageLoad&sv=1&rn=987273

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 May 2023 03:09:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A1F6F2F507646558487E91008AB209D Ref B: FRAEDGE2014 Ref C: 2023-05-29T03:09:22Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
227 B 77ms
76ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=18000052&Ver=2&mid=9eb9a72d-74a4-4050-ae6b-a53958b2117d&sid=35af9e90fdce11ed99fbc52e6e962acc&vid=35afc1c0fdce11ed8ea3ed732047a98a&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&p=https%3A%2F%2Fuserouto.novemberrain.lol%2F&r=&lt=1412&evt=pageLoad&sv=1&rn=571448

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 May 2023 03:09:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8901B1BA5F6446798D04687DCA2422C8 Ref B: FRAEDGE2014 Ref C: 2023-05-29T03:09:22Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 139 B
865 B 116ms
30ms Fetch
application/json 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fuserouto.novemberrain.lol%2F&advertiser_id=41240
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f015a1988ca9904199b1f6947009cedfefe5f2de7b8e7d28ba0ad041a2146ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:22 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://userouto.novemberrain.lol
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Origin-Trial: Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Connection: keep-alive
Content-Length: 139
Expires: Mon, 29 May 2023 03:09:22 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 46ms
46ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-K5Q6FPH&cv=161&v=3&t=t&pid=603087768&rv=35o0&es=1&e=gtm.js&eid=5&u=AAAAAAAIAAAAAAAI&h=Ag&tc=2&tr=1asprv.5asprv&ti=1asprv.1asprv&z=0

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 76 KB
22 KB 91ms
8ms Script
application/javascript 23.55.110.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JWTWV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-200.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9584e01c9e0b3e5a9eab6e960eeda441896c6f0da4d40062a4925b9f63370738

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 15:16:07 GMT
server: AmazonS3
x-amz-request-id: 30BWG7PRVYQAJSPD
x-amz-cf-pop: FRA56-C1
etag: "30ffb8d6ca1409bc5da2d7dad3c36fe1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 4xhOLSF5ptf2xkbO2lNm3jrbTgtOQMh5FN9aNnAvRVXliB4oac37cw==
x-amz-id-2: annQhbxn+onmjvICc0s8zD5zxgbNbxg3sIWlbfz4IhyF9IEOMGmdvWLX3yV3QCt9mBDKW1YMX68=
content-length: 22605

GET
H2 200 pixel;r=479596015;event=refresh;labels=_fp.event.Homepage;source=gtm;rf=0;a=p-jWAbTrprH-6UR;url=https%3A%2F%2Fuserouto.novemberrain.lol%2F;uht=2;fpan=1;fpa=P0-130594352-1685329762095;pbc=;ns=0;ce=1...
pixel.quantserve.com/ 35 B
372 B 25ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=479596015;event=refresh;labels=_fp.event.Homepage;source=gtm;rf=0;a=p-jWAbTrprH-6UR;url=https%3A%2F%2Fuserouto.novemberrain.lol%2F;uht=2;fpan=1;fpa=P0-130594352-1685329762095;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=novemberrain.lol;dst=0;et=1685329762511;tzo=0;ogl=site_name.Doctors%20Without%20Borders%20-%20USA%2Ctype.News%2Curl.https%3A%2F%2Fwww%252Edoctorswithoutborders%252Eorg%2F%2Ctitle.Home%20%7C%20Doctors%20Without%20Borders%20-%20USA%2Cdescription.M%C3%A9decins%20Sans%20Fronti%C3%A8res%2FDoctors%20Without%20Borders%20(MSF)%20treats%20people%20where%20the%20n%2Cimage.https%3A%2F%2Fwww%252Edoctorswithoutborders%252Eorg%2Fthemes%2Fcustom%2Fmsf%2Fmeta_image%252Epng;ses=d78b4347-bbe8-4b89-950f-20023f0c9ab9;mdl=

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1861837942;event=refresh;labels=_fp.event.Homepage;source=gtm;rf=0;a=p-CfFSbUjfpuC2c;url=https%3A%2F%2Fuserouto.novemberrain.lol%2F;uht=2;fpan=1;fpa=P0-130594352-1685329762095;pbc=;ns=0;ce=...
pixel.quantserve.com/ 35 B
372 B 24ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1861837942;event=refresh;labels=_fp.event.Homepage;source=gtm;rf=0;a=p-CfFSbUjfpuC2c;url=https%3A%2F%2Fuserouto.novemberrain.lol%2F;uht=2;fpan=1;fpa=P0-130594352-1685329762095;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=novemberrain.lol;dst=0;et=1685329762513;tzo=0;ogl=site_name.Doctors%20Without%20Borders%20-%20USA%2Ctype.News%2Curl.https%3A%2F%2Fwww%252Edoctorswithoutborders%252Eorg%2F%2Ctitle.Home%20%7C%20Doctors%20Without%20Borders%20-%20USA%2Cdescription.M%C3%A9decins%20Sans%20Fronti%C3%A8res%2FDoctors%20Without%20Borders%20(MSF)%20treats%20people%20where%20the%20n%2Cimage.https%3A%2F%2Fwww%252Edoctorswithoutborders%252Eorg%2Fthemes%2Fcustom%2Fmsf%2Fmeta_image%252Epng;ses=d78b4347-bbe8-4b89-950f-20023f0c9ab9;mdl=

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 121ms
39ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2029%20May%202023%2003%3A09%3A22%20GMT&n=0&b=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&.yp=10140667&f=https%3A%2F%2Fuserouto.novemberrain.lol%2F&enc=UTF-8&yv=1.14.0&tagmgr=gtm

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 29 May 2023 03:09:22 GMT

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 102ms
101ms Stylesheet
text/css 54.175.167.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.167.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-167-136.compute-1.amazonaws.com
Software: /
Resource Hash: e1696dc35f72dece9399a42aeed5a4a5065e5af2429d8ee52bad9f0a76f7249f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 May 2023 03:09:22 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
793 B 309ms
102ms Fetch
image/jpeg 54.175.167.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.167.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-167-136.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 May 2023 03:09:22 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H3 200 /
www.google.com/pagead/1p-user-list/954403982/ 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/954403982/?random=1685329762290&cv=9&fst=1685329200000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&tiba=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&fmt=3&is_vtc=1&random=4031765232&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/954403982/ 42 B
108 B 50ms
49ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/954403982/?random=1685329762290&cv=9&fst=1685329200000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&tiba=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&fmt=3&is_vtc=1&random=4031765232&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame C9EF 7 KB
7 KB 110ms
109ms Document
text/html 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D1ab1dab3-3f1f-fde7-6bbb-bf7206aa7e5a%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.doctorswithoutborders.org/&ex-hargs=v%3D1.0%3Bc%3D9098931520801%3Bp%3D1AB1DAB3-3F1F-FDE7-6BBB-BF7206AA7E5A&cb=467878604342963000&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c93b08e813b2d06bdb0d864c11abe5827bd58dffd80c94be46716e29f695bbf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D1ab1dab3-3f1f-fde7-6bbb-bf7206aa7e5a%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.doctorswithoutborders.org/&ex-hargs=v%3D1.0%3Bc%3D9098931520801%3Bp%3D1AB1DAB3-3F1F-FDE7-6BBB-BF7206AA7E5A&cb=467878604342963000&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6911
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 29 May 2023 03:09:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 3PCMG3SR7Z793DXXPSW8

GET
H/1.1 200
OK is Show response
52.22.50.55/ 32 B
437 B 419ms
114ms Fetch
text/plain 52.22.50.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://52.22.50.55/is
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33760&tdr=&plh=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cb=45995568023416180term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.22.50.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-50-55.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 05cb641ad248bc8a5673d34e27f6c83126cf4bf4ed22518d7f66bc84b7207328

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=323153831229307&ev=PageView&dl=https%3A%2F%2Fuserouto.novemberrain.lol%2F&rl=&if=false&ts=1685329762568&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1685329762566.63974769&cs_est=true&it=1685329762270&coo=false&rqm=GET

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 29 May 2023 03:09:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 track
t.teads.tv/ 23 B
143 B 115ms
36ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.13.2_6bb02dc&provider=tag&advertiser_id=41240&referer=https%3A%2F%2Fuserouto.novemberrain.lol%2F&user_session_id=f3a236a1-ac33-46a8-b137-126452d83000
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Mon, 29 May 2023 03:09:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 6245 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/ 641 B
640 B 281ms
254ms XHR
application/octet-stream 23.55.110.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/6245
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-200.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bea4e5a6c5a8bf710766cd085eaa064d8a57b4865e866df47b46b285ab7bae40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: DalDdR5DQfplLHlqI969eKlWDpEDUtfm
content-encoding: gzip
date: Mon, 29 May 2023 03:09:22 GMT
last-modified: Thu, 10 Dec 2020 18:17:35 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "123ce5b72e2e02685141b0fa1384a07c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=84
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-amz-cf-id: 2uZ4kaP5QMcbTm5APiOVcjDs4hKfxl8CII-ddSUTZQQj_YcaTKKsFQ==
content-length: 319

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=y9eixkKySzmo5Tg3J4mdOg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3Dy9eixkKySzmo5Tg3J4mdOg%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=y9eixkKySzmo5Tg3J4mdOg

43 B
479 B

242ms
126ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=y9eixkKySzmo5Tg3J4mdOg

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2BFH7E1AH953VZG9AW9Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 29 May 2023 03:09:22 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.151; 185.213.155.151; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a34c99c5-f788-487f-a759-1e22200537fd
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=y9eixkKySzmo5Tg3J4mdOg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=B4LuO4nwTTaEIBKOPC9OXg&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=B4LuO4nwTTaEIBKOPC9OXg&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=956fda14-3a70-4a31-afbe-35518f262f9a

43 B
479 B

238ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=956fda14-3a70-4a31-afbe-35518f262f9a

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J9V4G6Q277VFSD1ENFHH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=956fda14-3a70-4a31-afbe-35518f262f9a
access-control-allow-origin: *
date: Mon, 29 May 2023 03:09:22 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C9EF 43 B
163 B 130ms
17ms Image
image/gif 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=NyhGVGBhRyi2jQaC2wQbZQ&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=216613104531000151221&ex=neustar.biz

43 B
479 B

116ms
116ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=216613104531000151221&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 80ZJTCK10VH8PC78A2MN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=216613104531000151221&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=iJVOjJR0SkyIoHuvWiJEkw&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=iJVOjJR0SkyIoHuvWiJEkw&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZHQXYmCyJbFsD5PT1G.iyQAA

43 B
479 B

162ms
109ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZHQXYmCyJbFsD5PT1G.iyQAA

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RZ8QYCGY669ZCHKZHBTH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZHQXYmCyJbFsD5PT1G.iyQAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=8cc89e15836a67a69528e13a146e1c0f

43 B
479 B

267ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=8cc89e15836a67a69528e13a146e1c0f

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5044WBN9NT253NHE4VJ5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=8cc89e15836a67a69528e13a146e1c0f
date: Mon, 29 May 2023 03:09:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

262ms
114ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S34VWD6RMAPKAG5QKQZT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Mon, 29 May 2023 03:09:22 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=AOSCi9Y9QQ6Llk7fjfFy9g
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=AOSCi9Y9QQ6Llk7fjfFy9g

43 B
479 B

273ms
104ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=AOSCi9Y9QQ6Llk7fjfFy9g

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GGRJ9T5DFWR3B902CXCW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=AOSCi9Y9QQ6Llk7fjfFy9g
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a9c15d9b-0043-4908-a9d2-390440e44234

43 B
479 B

300ms
112ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a9c15d9b-0043-4908-a9d2-390440e44234

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6AVE3364CETX4WXZSZXD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a9c15d9b-0043-4908-a9d2-390440e44234
Date: Mon, 29 May 2023 03:09:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=70561f2512e34b709167ad635e49f7bf

43 B
479 B

188ms
115ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=70561f2512e34b709167ad635e49f7bf

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QSMS55AVF372FYWKP3QN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=70561f2512e34b709167ad635e49f7bf
date: Mon, 29 May 2023 03:09:22 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame C9EF 0
122 B 71ms
16ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=l44rxA7sS0GO1pF_B8-8Hw&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-jm5g5
date: Mon, 29 May 2023 03:09:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-MiohfaNE2pH4izRKxPzzPtcCkE5XJvh3p3Fu~A&status=OK&ex=gemini

43 B
479 B

113ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-MiohfaNE2pH4izRKxPzzPtcCkE5XJvh3p3Fu~A&status=OK&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 20DD83X7FR2P42K20X8P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=y-MiohfaNE2pH4izRKxPzzPtcCkE5XJvh3p3Fu~A&status=OK&ex=gemini
date: Mon, 29 May 2023 03:09:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=20ac5d7d84fcd3a1b2e32cfd303d5bf8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

189ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=20ac5d7d84fcd3a1b2e32cfd303d5bf8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A99DYVJGKJX0DAQAJDMK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:22 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=20ac5d7d84fcd3a1b2e32cfd303d5bf8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1685329762717085-590
Expires: Mon, 29 May 2023 03:09:22 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

111ms
106ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PFAXRCGHH2NEXEQYB4E3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 29 May 2023 03:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=ZJ1YKTGJCG5R6TYXG7EP:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: ZJ1YKTGJCG5R6TYXG7EP
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: NaKzx6bzUj_CdfyfTHnNJddQdGR9PvAWSnWtaMb--1Kdfcz4LSa48A==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame C9EF 0
338 B 152ms
29ms Image
text/plain 34.243.48.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=PGu1oIetSlWxAkIInHGjYQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.48.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-48-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Mon, 29 May 2023 03:09:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1685329763
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=956fda14-3a70-4a31-afbe-35518f262f9a&ex=improvedigital.com

43 B
479 B

117ms
105ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=956fda14-3a70-4a31-afbe-35518f262f9a&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 95GRAF0HTJ1QHR2G0Q1C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=956fda14-3a70-4a31-afbe-35518f262f9a&ex=improvedigital.com
access-control-allow-origin: *
date: Mon, 29 May 2023 03:09:23 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame C9EF 0
186 B 330ms
101ms Image
text/plain 54.227.216.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.216.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-216-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:23 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1146987608d7a3bed

43 B
479 B

126ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1146987608d7a3bed

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SE7X3RW2G1PZNG8WPE67
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 29 May 2023 03:09:23 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1146987608d7a3bed
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-5cLmwW1QxidHU-UZdDteg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-5cLmwW1QxidHU-UZdDteg

43 B
479 B

117ms
117ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-5cLmwW1QxidHU-UZdDteg

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 469R4Q95W44R334RN7JF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-5cLmwW1QxidHU-UZdDteg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=FPQW78aFQHqqxzAIueAsyA&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=1e7b8f2b310f82f425323bf1423d&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=FPQW78aFQHqqxzAIueAsyA

43 B
479 B

114ms
114ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=1e7b8f2b310f82f425323bf1423d&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=FPQW78aFQHqqxzAIueAsyA

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DQEPC09N3VQP4VVXA6RA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=1e7b8f2b310f82f425323bf1423d&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=FPQW78aFQHqqxzAIueAsyA
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1685329762831065-513
Expires: Mon, 29 May 2023 03:09:23 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=ND_2wzauQqy9rTzVxABp0g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=ND_2wzauQqy9rTzVxABp0g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=21932032181932720453513384379114052225

43 B
479 B

107ms
106ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=21932032181932720453513384379114052225

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E45WQFADYS7E2ZVPZF03
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v048-098c759e0.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: zbhHGNEVQrI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=21932032181932720453513384379114052225
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 v2
odr.mookie1.com/t/ Frame C9EF 42 B
213 B 82ms
20ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=FNTFg2AWS2m9lRkskapH3g
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:23 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5191219381655276274

43 B
479 B

111ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5191219381655276274

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R63VTPVM3Q4TWK2DZ56E
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5191219381655276274
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=36388107-fdce-11ed-8f02-194044dd0406
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=363880c0-fdce-11ed-8f02-194044dd0406

43 B
479 B

105ms
105ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=363880c0-fdce-11ed-8f02-194044dd0406

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9TC2BEKYBYQ33VD597C7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 29 May 2023 03:09:23 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=363880c0-fdce-11ed-8f02-194044dd0406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 130
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=057c8321-fb0d-4644-9d8a-4e8924124cb5

43 B
479 B

113ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=057c8321-fb0d-4644-9d8a-4e8924124cb5

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B7WV49JB3BJEQSQA3Y4M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=057c8321-fb0d-4644-9d8a-4e8924124cb5
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
content-length: 211
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEEeP7SZZeBRObiek0Lr994U&google_cver=1

43 B
479 B

109ms
109ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEEeP7SZZeBRObiek0Lr994U&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BWWZH5RT2EKPMST292FY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEEeP7SZZeBRObiek0Lr994U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame C9EF 20 B
20 B 345ms
104ms Image
text/plain 52.3.183.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.183.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-183-164.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: usermatch-a012-ash-prod.krxd.net
date: Mon, 29 May 2023 03:09:23 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=18d9a2b9b10c7dd6dc9ce8655fe84d27

43 B
479 B

106ms
105ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=18d9a2b9b10c7dd6dc9ce8655fe84d27

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2JVQ75YCSVFZ5N7PPSXX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 29 May 2023 03:09:23 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=18d9a2b9b10c7dd6dc9ce8655fe84d27
content-length: 0
x-amz-cf-id: ojOmxq6e0s8M0ptRM96lcO8AKbzDkiNx6KyUUdOgHaHbDzkhoImmLQ==

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame C9EF 43 B
304 B 56ms
20ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=LSYgUjCGb8kcXdDnrQrM_Dc4ZFA4ZgIC

43 B
479 B

106ms
105ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LSYgUjCGb8kcXdDnrQrM_Dc4ZFA4ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K3BY6ZNN9DDW40HC7PBW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LSYgUjCGb8kcXdDnrQrM_Dc4ZFA4ZgIC
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame C9EF 37 B
140 B 43ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=r9-48zZZTzWMcoTqoyByvw&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=90386197F11C1002

43 B
479 B

112ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=90386197F11C1002

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N7SJA1CEPV4G530KP103
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:26 GMT
frontend-id: 9
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=90386197F11C1002
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=5753206616472844587&ex=appnexus.com

43 B
479 B

126ms
126ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5753206616472844587&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T5PGCRJBV16XH39FTENC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 29 May 2023 03:09:23 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.151; 185.213.155.151; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6c01a7fe-1f5a-4197-af18-829a0b22b6fe
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=5753206616472844587&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=JNW8Wuc7SEKpUzPDHai4BA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=JNW8Wuc7SEKpUzPDHai4BA

43 B
479 B

130ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=JNW8Wuc7SEKpUzPDHai4BA

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Z3C1T61B3VW1F7KEFECN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=JNW8Wuc7SEKpUzPDHai4BA
date: Mon, 29 May 2023 03:09:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=rdrQVSS5IObzXWMjiAO3jQ&ex=rubiconproject.com&status=ok

43 B
479 B

105ms
105ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=rdrQVSS5IObzXWMjiAO3jQ&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F6VPC6MDER7C2JVSECT0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=rdrQVSS5IObzXWMjiAO3jQ&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=MsRC-xRATOqw9l_kaCwK8g&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

109ms
108ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XZQNXHGZCACHQVXV7K6K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame C9EF 0
324 B 355ms
32ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:23 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2D631774640E1EF570022ACAF4

43 B
479 B

107ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2D631774640E1EF570022ACAF4

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FQPBM63RZXA1HBA85NQC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 29 May 2023 03:09:23 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2D631774640E1EF570022ACAF4
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Mon, 29 May 2023 03:09:22 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=b2a51765616e277110a505d61bba4a27c732fccf90a60205d67747d0e0943e01

43 B
479 B

116ms
115ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=b2a51765616e277110a505d61bba4a27c732fccf90a60205d67747d0e0943e01

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AGBVF175XSTBWAEC51X5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:23 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=b2a51765616e277110a505d61bba4a27c732fccf90a60205d67747d0e0943e01
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H2 200 sync
sync-amazon.ads.yieldmo.com/ Frame C9EF 0
38 B 273ms
27ms Image
text/plain 54.154.12.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=NerEqDMMRpihyGQA_WkYUg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.12.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-12-56.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:23 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=882C957E-F77A-4D31-A89C-EDC91D4D2900

43 B
479 B

116ms
116ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=882C957E-F77A-4D31-A89C-EDC91D4D2900

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K2HRR1KYFVPV1CDCNV47
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=882C957E-F77A-4D31-A89C-EDC91D4D2900
date: Mon, 29 May 2023 03:09:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 sd
us-u.openx.net/w/1.0/ Frame C9EF 0
48 B 20ms
19ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072986&val=0AvYN64oT52U_pMzKVmZdw&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=PGu1oIetSlWxAkIInHGjYQ&dmt=3&ex-pl-n-g-hmt=MsRC-xRATOqw9l_kaCwK8g&ep=ttam_T219Ay-cPciHbT10rKvSAe3EGJU-a6zb9tmZuYgPuVOyvz9IRm1K6CjMwIAaPbSXb8fXjYyccAW_6WORZBfYzNliWSUnqrczo0vn9uVUug0-Zkel9SN6RSDF5SSp5Z567haBNdcplYOnILDOHWrbDxC5znFba3L5pL_E9DY6V_-flsQF5-Vo3lWoHYwGoR5Brcj78opw2-NdOWc1sV2pFLasM3N_6-5RO6dTMX2lk2kNUbelVC-YECI8ZOIQ3IivQRGnDVMKPcN6riipCaiIrLKkbD_UPc6KDfeOtA8gceSTDtoXLgJpfJpH5rX0DGqggo4yaKb3cqvXRuXKltV0b6dLfzUuEIf_mXxfXvRCCl_hU9-JrzF6sqARugcaSfIiDyfYSdXg27egbhe78-9GYCUkDHmYBlPt_mG1g_UX8WFdSplNQDGLIUWCoc95Z65swbECWsasgc0lU7Y8G3JTebsX-5Ptj9m3sO8xwWQVUtU5lC0xC1BIWi1iuLCYHIF5uqVw3yNVsNjm6wIqrSgNOcmzdGth8TaGyVo71C0D8b0e_e173sevRN2G8r8u9AkxvqKz2WGUQEUsthA1vYEoGNqEEpuHHxg4FOdNJ7WTbnFIZlonUxARa8t3prkPUVdMobmvuXwadkR3l9iYt3j__wjr4GKBkyP6ynWcqjvGPv0K8dFJGLbZZmyJjNY379Dj9kzyC2uhZxuKJucKDrMpxy5tbLhnrLgqiltyRmqNac3_AE0n3RlRLX-sBku4Fn_hVhjeUf6i5iu6Rp49x-tOp379_SVBT_fmWgSYxtYCWPZ0Nmmf5QK4pVFki5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:23 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C9EF
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=be4d0638-ef61-4efb-9143-e5d34fbfaec3-tuctb6d9ce3

43 B
479 B

107ms
104ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=be4d0638-ef61-4efb-9143-e5d34fbfaec3-tuctb6d9ce3

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 May 2023 03:09:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Z34NZD2VA2BG97BMG2BA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=be4d0638-ef61-4efb-9143-e5d34fbfaec3-tuctb6d9ce3
date: Mon, 29 May 2023 03:09:23 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13658

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame ECBD 0
0 61ms
15ms Document
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://userouto.novemberrain.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Mon, 29 May 2023 03:09:22 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

GET
H2 200 0c811f606be0a549
pixel.sitescout.com/up/ 43 B
267 B 63ms
18ms Image
image/gif 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/0c811f606be0a549?cntr_url=https%3A%2F%2Fuserouto.novemberrain.lol%2F
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
294 B 105ms
104ms XHR
text/plain 54.175.167.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=H4_Cimg_imp8l7BT4SKD-A&is_js=true&landing_url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&t=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&tip=-xaHQG2sB6KrqoBsVFVF0Z8Yu4Y_A_L4Ikfa3cOWIHw&host=https://userouto.novemberrain.lol&sa_conv_data_css_value=%270-e357ffec-92e5-51ec-7f30-decef67c3e75%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9e357ffec92e551ec7f30decef67c3e75b9d59b97&sa-user-id-v2=s%253A41f_7JLlUex_MN7O9nw-dbnVm5c.QB%252BJNgxRGInnaXHEcIbAg6ulEwDEqRnBkMWZof%252Fd%252FhQ&sa-user-id=s%253A0-e357ffec-92e5-51ec-7f30-decef67c3e75.Acq%252FL8Kjvtcc5X5JZi7nIfmIDsA5yDDJGqPAW5iGXSQ
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.167.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-167-136.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://userouto.novemberrain.lol
date: Mon, 29 May 2023 03:09:22 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 Serving Show response
bs.serving-sys.com/ 384 B
869 B 96ms
10ms Script
text/html 54.93.150.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6245&dispType=js&sync=0&sessionid=3686423269428477074&pageurl=$$https%3A%2F%2Fuserouto.novemberrain.lol%2F$$&activityValues=$$OrderID%3Dundefined%26Value%3Dundefined%26Session%3D8499302224394324195$$&acp=$$DLCategory%3Dundefined$$&ns=0&rnd=3298565116317611&uinadv=%7B%7D&ccpastatus=1
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.150.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-150-94.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b990373fcc75a911c5a819a789bd68e0613388db0604eaba29241bcb308304d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 03:09:22 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 289
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 58ms
55ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-K5Q6FPH&cv=161&v=3&t=t&pid=603087768&rv=35o0&es=1&e=gtm.dom&eid=34&u=AAAAAAAIAAAAAAAI&h=Ag&tc=2&z=0

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:22 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 753ms
178ms Script
application/javascript 35.85.106.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-3903043-1&ga_client_id=2037264111.1685329762&shpt=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-3903043-1%22%2C%22ga_client_id%22%3A%222037264111.1685329762%22%2C%22shpt%22%3A%22Home%20%7C%20Doctors%20Without%20Borders%20-%20USA%22%2C%22dcm_cid%22%3A%22undefined.undefined%22%2C%22dcm_gid%22%3A%22510503486.1685329762%22%2C%22mntnis%22%3A%22HxONJGW3%2BrSCZiPkLIZ38DGZ8XFnZDS8%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=undefined.undefined&dcm_gid=510503486.1685329762&dxver=4.0.0&shaid=33760&plh=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cb=45995568023416180term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33760&tdr=&plh=https%3A%2F%2Fuserouto.novemberrain.lol%2F&cb=45995568023416180term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-106-161.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 2487f7c761ad964af8fdc9d239429ed1dbab9df96cc873f093ee6ce5ba7a9084

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:23 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 2
connection: close

POST
H2 200 / Show response
www.facebook.com/tr/ Frame CCC9 0
79 B 8ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://userouto.novemberrain.lol
Referer: https://userouto.novemberrain.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://userouto.novemberrain.lol
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 03:09:23 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 861ms
175ms Script
application/javascript 34.212.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-4-35.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: d0374d60078f13cdbffa04c0475de553a185b8395367601466b3821417b75d56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 0
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 534ms
190ms Script
application/javascript 35.85.106.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-3903043-1&ga_client_id=2037264111.1685329762&shpt=Home%20%7C%20Doctors%20Without%20Borders%20-%20USA&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-3903043-1%22%2C%22ga_client_id%22%3A%222037264111.1685329762%22%2C%22shpt%22%3A%22Home%20%7C%20Doctors%20Without%20Borders%20-%20USA%22%2C%22dcm_cid%22%3A%22undefined.undefined%22%2C%22dcm_gid%22%3A%22510503486.1685329762%22%2C%22mntnis%22%3A%22HxONJGW3%2BrSCZiPkLIZ38DGZ8XFnZDS8%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=undefined.undefined&dcm_gid=510503486.1685329762&dxver=4.0.0&shaid=33760&plh=https%3A%2F%2Fuserouto.novemberrain.lol%2F&shadditional=googletagmanager%3Dtrue%2C&cb=168532976370672&shguid=c1a75b33-5bde-3349-b42c-7dddb2047abd&shgts=1685329764617
Requested by: Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-106-161.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:25 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 15
connection: close

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame CF81 0
201 B 77ms
21ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=ca31ccb5-b8dc-41e0-a975-3514437ce11b&u_scsid=547bc5b1-4aca-46cf-96da-053981626778&u_sclid=cdbb73a7-c9f4-490c-9963-818d9fd61659

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://userouto.novemberrain.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 29 May 2023 03:09:25 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 ca31ccb5-b8dc-41e0-a975-3514437ce11b.js Show response
tr.snapchat.com/config/lol/ 167 B
460 B 78ms
20ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/lol/ca31ccb5-b8dc-41e0-a975-3514437ce11b.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

74c84b41428c17721d614ffdc1e5fc44738202421c5fdc54a4119ada7285964a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://userouto.novemberrain.lol/
Origin: https://userouto.novemberrain.lol
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://userouto.novemberrain.lol
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 async-api.ad3273bd-1.232.0.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 32ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 May 2023 03:09:25 GMT
strict-transport-security: max-age=300
x-amz-request-id: 2HV6J6QHFFESHJRR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1353
x-amz-id-2: BXEPYmEflhh8Vht8sn9Q1DUjjjCdyno/0vK0P4vna65JsDaTt7F35BfMmDx7zQLw8OCOg9e2TFA=
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1685329765.278873,VS0,VE0
etag: "d7011e3a3501d54c9be8929572a18598"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1077

GET
H2 200 session-manager.2a8d47d1-1.232.0.min.js Show response
js-agent.newrelic.com/ 15 KB
6 KB 32ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 May 2023 03:09:25 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YC9JCZQM6STQJG
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5781
x-amz-id-2: MFfb7MGqGrqmfqqSXBRxyB8p3seuC8FOIGAdlP3GdJhGKDscVqHW57p863nKhRGgnkRzZizmvC4=
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1685329765.278856,VS0,VE0
etag: "e42e9b9282d7865427c32ad60eea44b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 698

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 9B0A 0
182 B 104ms
32ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ca5g5oz&ref=https%3A%2F%2Fuserouto.novemberrain.lol%2F&upid=p3b7hxl&upv=1.1.0&v=undefined
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://userouto.novemberrain.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 29 May 2023 03:09:25 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 lazy-loader.c8cd494b-1.232.0.min.js Show response
js-agent.newrelic.com/ 921 B
616 B 7ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 May 2023 03:09:25 GMT
strict-transport-security: max-age=300
x-amz-request-id: HFKEC7V8RSG7GQ3Z
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 410
x-amz-id-2: sMPeOof8K4e91kQ20uXJDDwefRnsVFND0s9EnxyiOeAw9CM1xr2qBuk5sozOrYVezXVrvqQ6llg=
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1685329765.296175,VS0,VE0
etag: "43b458adcc5ab7566291590de5438262"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 705

GET
H2 200 875.2c240adb-1.232.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 8ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 May 2023 03:09:25 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y6DMYX2M755T46
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3692
x-amz-id-2: 12ESXK8BgHWgzbN3nQPaydy+L59jXSGMNsIQOuRJSUSgpXbpopBHG7CYiWTsgYBLZaJ3F98QqLg=
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1685329765.307198,VS0,VE0
etag: "12b760183a18786621f95a5599ea91d1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 672

GET
H2 200 page_view_event-aggregate.5a238c1f-1.232.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 9ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 May 2023 03:09:25 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y1F68V5R4G1R1S
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4123
x-amz-id-2: LE8Mmxf56EgzLRhRoenpxF0OXZIwo/pswFnDB4N8n+EeKaME6HXt1Xk7L6rvqhOxcNjSk/xOwSY=
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1685329765.307792,VS0,VE0
etag: "397497131773c37606e11fcb4222917f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2107255

GET
H2 200 page_view_timing-aggregate.ddd91465-1.232.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 10ms
9ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 May 2023 03:09:25 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y867HS6MYT7985
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4571
x-amz-id-2: CILtP2UgtVGD48J+UTjWq+irCqTwzRZs1VccfZLy4xzSBKIMwL+jwnc8ZZpkzmwxwhHr4pdQKRs=
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1685329765.307953,VS0,VE0
etag: "38f4d68378bfe3989db669dc9385b7c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 664

GET
H2 200 metrics-aggregate.c2ad263a-1.232.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 9ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js

Requested by

Host: userouto.novemberrain.lol
URL: https://userouto.novemberrain.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding: gzip
via: 1.1 varnish
date: Mon, 29 May 2023 03:09:25 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YF3D3MNZZ7XXTH
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1663
x-amz-id-2: 0t28v8WC4ksNHlPsbHnq2BFvbag9JdhBEGj1l2cZmwZMryjnQUGTG7J4qr+P0dP0z2Q8RhqNGa0=
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1685329765.307935,VS0,VE0
etag: "581d99ebc34c05e0a160a0c4a848cae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 297

GET
H/1.1 200
OK f5d47df863 Show response
bam.nr-data.net/1/ 56 B
404 B 556ms
522ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/f5d47df863?a=119583094&v=1.232.0&to=YFZaMRBUVksEWkVZWVkceQYWXFdWSn1DRUZWX2QmDUddZCNWQ11qcVxKCCBAUVQBXEMdCEVWVgEHR2hUBFpUWFlbV10XJFpKVSRaRVlZWQ%3D%3D&rst=4342&ck=0&s=0&ref=https://userouto.novemberrain.lol/&ap=277&be=432&fe=3841&dc=980&perf=%7B%22timing%22:%7B%22of%22:1685329760985,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:4,%22c%22:4,%22s%22:111,%22ce%22:221,%22rq%22:221,%22rp%22:432,%22rpe%22:564,%22di%22:1390,%22ds%22:1390,%22de%22:1412,%22dc%22:4261,%22l%22:4267,%22le%22:4274%7D,%22navigation%22:%7B%7D%7D&fp=933&fcp=1149&at=TBFZR1hORUU%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9bdeba67a5e0f64db65210a03aa5c808e21ec02a5cff47bce7611b6ade9ee9e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:25 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-fra-eddf8230052-FRA

POST
H2 200 p
tr.snapchat.com/ 68 B
351 B 27ms
26ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://userouto.novemberrain.lol/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 May 2023 03:09:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://userouto.novemberrain.lol
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

POST
H3 200 hm
tr.snapchat.com/ 68 B
88 B 23ms
21ms Ping
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/hm

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://userouto.novemberrain.lol/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 May 2023 03:09:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/json
access-control-allow-origin: https://userouto.novemberrain.lol
cache-control: no-cache, no-transform
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

OPTIONS
H2 200 hm
tr.snapchat.com/ Frame 0
0 22ms
21ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/hm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://userouto.novemberrain.lol
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://userouto.novemberrain.lol
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 29 May 2023 03:09:25 GMT
server: API Gateway
via: 1.1 google

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 51ms
50ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-K5Q6FPH&cv=161&v=3&t=t&pid=603087768&rv=35o0&es=1&e=gtm.load&eid=37&u=AAAAAAAIAAAAAAAI&h=Ag&tc=2&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 03:09:25 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 p
tr.snapchat.com/ 0
15 B 22ms
21ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p?v=2

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://userouto.novemberrain.lol/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 May 2023 03:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://userouto.novemberrain.lol
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 p
tr.snapchat.com/ Frame 0
0 20ms
20ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/p?v=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://userouto.novemberrain.lol
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://userouto.novemberrain.lol
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 29 May 2023 03:09:24 GMT
server: API Gateway
via: 1.1 google

GET
H2 204 js_tracking Show response
tags.srv.stackadapt.com/ 0
158 B 99ms
99ms XHR
text/plain 54.175.167.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fuserouto.novemberrain.lol%2F&uid=H4_Cimg_imp8l7BT4SKD-A&v=1&host=https://userouto.novemberrain.lol
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.167.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-167-136.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://userouto.novemberrain.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://userouto.novemberrain.lol
date: Mon, 29 May 2023 03:09:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 12:10:16	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.novemberrain.lol/	1970-01-20 12:10:16	Name: _gid Value: GA1.2.510503486.1685329762
.novemberrain.lol/	1970-01-20 14:18:25	Name: _gcl_au Value: 1.1.678029649.1685329762
.novemberrain.lol/	1970-01-20 12:08:49	Name: _gat_UA-3903043-22 Value: 1
tags.srv.stackadapt.com/	1970-01-20 20:54:25	Name: sa-user-id Value: s%3A0-e357ffec-92e5-51ec-7f30-decef67c3e75.Acq%2FL8Kjvtcc5X5JZi7nIfmIDsA5yDDJGqPAW5iGXSQ
tags.srv.stackadapt.com/	1970-01-20 20:54:25	Name: sa-user-id-v2 Value: s%3A41f_7JLlUex_MN7O9nw-dbnVm5c.QB%2BJNgxRGInnaXHEcIbAg6ulEwDEqRnBkMWZof%2Fd%2FhQ
.srv.stackadapt.com/	1970-01-20 20:54:25	Name: sa-user-id-v2 Value: s%3A41f_7JLlUex_MN7O9nw-dbnVm5c.QB%2BJNgxRGInnaXHEcIbAg6ulEwDEqRnBkMWZof%2Fd%2FhQ
.novemberrain.lol/	1970-01-20 14:18:25	Name: _rdt_uuid Value: 1685329762277.1099494f-5133-4b86-b286-d1b980559d75
.novemberrain.lol/	1970-01-20 21:38:36	Name: _scid Value: 93aed7ba-31c9-44cf-ab3f-0b1f171d8f55
.novemberrain.lol/	1970-01-20 21:38:36	Name: _scid_r Value: 93aed7ba-31c9-44cf-ab3f-0b1f171d8f55
.novemberrain.lol/	1970-01-20 21:44:49	Name: _ga_9764BMZSVR Value: GS1.1.1685329762.1.0.1685329762.0.0.0
.novemberrain.lol/	1970-01-20 21:44:49	Name: _ga Value: GA1.1.2037264111.1685329762
.doubleclick.net/	1970-01-20 21:30:25	Name: IDE Value: AHWqTUmEnFDi6O78ApNBdzmSOwIYVrBuNWDiaSyhOugUAFGdVxIa-4NwFzeClQZP
.trkn.us/	1970-01-20 20:54:25	Name: barometric[cuid] Value: cuid_9219a505-40b5-435f-b15b-a1fc82a8704f
.t.co/	1970-01-20 21:44:49	Name: muc_ads Value: 9ed6d277-b140-4be8-b760-258669bd5efa
.novemberrain.lol/	1970-01-20 12:10:16	Name: _uetsid Value: 35af9e90fdce11ed99fbc52e6e962acc
.novemberrain.lol/	1970-01-20 21:30:25	Name: _uetvid Value: 35afc1c0fdce11ed8ea3ed732047a98a
.linkedin.com/	1970-01-20 14:18:25	Name: li_sugr Value: e66d7849-2a3d-456a-bab0-d58a0855a04e
.linkedin.com/	1970-01-20 20:54:25	Name: bcookie Value: "v=2&03fbf595-3f2d-4d0b-8755-e0b3dcce0651"
.linkedin.com/	1970-01-20 12:10:16	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2948:u=1:x=1:i=1685329762:t=1685416162:v=2:sig=AQFgRUAcmCNjvhn4BPZcehE4mD17F35Z"
.twitter.com/	1970-01-20 21:44:49	Name: guest_id_marketing Value: v1%3A168532976237924120
.twitter.com/	1970-01-20 21:44:49	Name: guest_id_ads Value: v1%3A168532976237924120
.twitter.com/	1970-01-20 21:44:49	Name: personalization_id Value: "v1_xqauIaGCesn5pCeTHlgWtQ=="
.twitter.com/	1970-01-20 21:44:49	Name: guest_id Value: v1%3A168532976237924120
.amazon-adsystem.com/	1970-01-20 17:21:18	Name: ad-id Value: A6MmQicoZEh1hb3DU2tG7wM
.amazon-adsystem.com/	1970-01-20 21:44:49	Name: ad-privacy Value: 0
.bing.com/	1970-01-20 21:30:25	Name: MUID Value: 12F7668F225C6AA91BD175AF238E6B6C
userouto.novemberrain.lol/	1970-01-20 12:10:16	Name: ln_or Value: eyIzOTE1OTYyIjoiZCJ9
userouto.novemberrain.lol/	1970-01-20 20:54:25	Name: sa-user-id Value: s%253A0-e357ffec-92e5-51ec-7f30-decef67c3e75.Acq%252FL8Kjvtcc5X5JZi7nIfmIDsA5yDDJGqPAW5iGXSQ
userouto.novemberrain.lol/	1970-01-20 20:54:25	Name: sa-user-id-v2 Value: s%253A41f_7JLlUex_MN7O9nw-dbnVm5c.QB%252BJNgxRGInnaXHEcIbAg6ulEwDEqRnBkMWZof%252Fd%252FhQ
.quantserve.com/	1970-01-20 21:39:04	Name: mc Value: 64741762-81989-764e7-c924e
.novemberrain.lol/	1970-01-20 14:18:25	Name: _fbp Value: fb.1.1685329762566.63974769
.novemberrain.lol/	1970-01-20 21:33:18	Name: __qca Value: P0-130594352-1685329762095
.novemberrain.lol/	1970-01-20 12:08:51	Name: tfpsi Value: f3a236a1-ac33-46a8-b137-126452d83000
.yahoo.com/	1970-01-20 20:54:47	Name: A3 Value: d=AQABBGIXdGQCEDnQb_0SDEpwDPTlMU-LewwFEgEBAQFodWR9ZOANyiMA_eMAAA&S=AQAAAso7JArWjHziHNb02Pln-1s
.linkedin.com/	1970-01-20 12:52:01	Name: UserMatchHistory Value: AQKn-LxpozycQAAAAYhle1kJu3twNsTkhchOMF4hPWaJPE8HIIm0FMs72lID9nKeE68f5sKaaL7w2Q
.linkedin.com/	1970-01-20 12:52:01	Name: AnalyticsSyncHistory Value: AQK81Omu8cVPJwAAAYhle1kJeOYkTYzcF187TI28Nm7zzvZr5TuC_aS25lTaBesuudmpy1dhEiV0tLckeKRIvA
.adnxs.com/	1970-01-20 14:18:25	Name: uuid2 Value: 5753206616472844587
.agkn.com/	1970-01-20 20:54:25	Name: ab Value: 0001%3AVkx0vT76tw7B7QuqY3Ij8jSj7Jpc%2FBBQ
.adnxs.com/	1970-01-20 14:18:25	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2E?ar]oMb!]tbPl1M]o$IyEVU[YvG4btGKDgdsHWFlYb!:WsHQnvXcs_$l>0Vi#BI7y)N[UD!!-$4*$t<t
.myvisualiq.net/	1970-01-20 21:44:49	Name: tuuid Value: a9c15d9b-0043-4908-a9d2-390440e44234
.myvisualiq.net/	1970-01-20 21:44:49	Name: c Value: 1685329762
.myvisualiq.net/	1970-01-20 21:44:49	Name: tuuid_lu Value: 1685329762
.bidswitch.net/	1970-01-20 20:54:25	Name: tuuid Value: c817073f-71de-402f-92d1-16c70369adde
.bidswitch.net/	1970-01-20 20:54:25	Name: c Value: 1685329762
.bidswitch.net/	1970-01-20 20:54:25	Name: tuuid_lu Value: 1685329762
.360yield.com/	1970-01-20 14:18:25	Name: tuuid Value: 956fda14-3a70-4a31-afbe-35518f262f9a
.360yield.com/	1970-01-20 14:18:25	Name: tuuid_lu Value: 1685329762
.www.linkedin.com/	1970-01-20 20:54:25	Name: bscookie Value: "v=1&20230529030922e71433f6-e77d-42b8-85bf-15a6e8ad6801AQEYifUVwAWTVGGF0ItNg0Hsvd2afWo0"
.linkedin.com/	1970-01-20 16:28:01	Name: li_gc Value: MTswOzE2ODUzMjk3NjI7MjswMjGXhvqcy4mte+KGYSIOO2RWjThM1EYu8Q+yBV6bEy7Znw==
.bluekai.com/	1970-01-20 16:33:47	Name: bku Value: b/X99s/U5sHXi2/l
.bluekai.com/	1970-01-20 16:33:47	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.casalemedia.com/	1970-01-20 20:54:25	Name: CMID Value: ZHQXYmCyJbFsD5PT1G.iyQAA
.casalemedia.com/	1970-01-20 14:18:25	Name: CMPS Value: 5175
.casalemedia.com/	1970-01-20 14:18:25	Name: CMPRO Value: 5175
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_6245 Value: 1
.serving-sys.com/	1970-01-20 12:52:01	Name: OT2 Value: 0001xB1sI3
.tremorhub.com/	1970-01-20 20:54:46	Name: tvid Value: 8cfef35c2802411e926381df91c2b33e
.tremorhub.com/	1970-01-20 21:44:49	Name: tv_UIAM Value: 70561f2512e34b709167ad635e49f7bf
.360yield.com/	1970-01-20 14:18:25	Name: um Value: !416,3trTqENCxv.hecpwohj0KHXt,1693105763
.360yield.com/	1970-01-20 14:18:25	Name: umeh Value: !416,0,1747537763,-1
.analytics.yahoo.com/	1970-01-20 20:54:25	Name: IDSYNC Value: "195g~2bwr:19b9~2bwr"
.krxd.net/	1970-01-20 16:28:01	Name: _kuid_ Value: PlSTtWhB
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1685329763_1
.serving-sys.com/	1970-01-20 12:52:01	Name: u2 Value: 057c8321-fb0d-4644-9d8a-4e8924124cb54MO06g
.demdex.net/	1970-01-20 16:28:01	Name: demdex Value: 21932032181932720453513384379114052225
.adform.net/	1970-01-20 12:53:28	Name: C Value: 1
.spotxchange.com/	1970-01-20 12:49:08	Name: audience Value: 363880c0-fdce-11ed-8f02-194044dd0406
.adform.net/	1970-01-20 13:35:13	Name: uid Value: 5191219381655276274
.dpm.demdex.net/	1970-01-20 16:28:01	Name: dpm Value: 21932032181932720453513384379114052225
ads.samba.tv/	1970-01-20 21:40:30	Name: sambapxid Value: 1146987608d7a3bed
.pubmatic.com/	1970-01-20 14:18:25	Name: KRTBCOOKIE_290 Value: 23219-JNW8Wuc7SEKpUzPDHai4BA&KRTB&23261-JNW8Wuc7SEKpUzPDHai4BA
.pubmatic.com/	1970-01-20 12:52:01	Name: PugT Value: 1685329763
.ispot.tv/	1970-01-20 21:44:49	Name: pt Value: v2:b2a51765616e277110a505d61bba4a27c732fccf90a60205d67747d0e0943e01\|b65b4e35d2f8b7237d971071fe2cb1d1677ef9cc5a89a4427bd6539f4b4d5624
.pubmatic.com/	1970-01-20 20:54:25	Name: KADUSERCOOKIE Value: 882C957E-F77A-4D31-A89C-EDC91D4D2900
.semasio.net/	1970-01-20 20:54:25	Name: SEUNCY Value: 90386197F11C1002
.mountain.com/	1970-01-20 21:44:49	Name: guid Value: 3674adf3-fdce-11ed-b2f5-51ef6a1d23af
.ninthdecimal.com/	1970-01-20 16:28:01	Name: ndat Value: LU+N+GR0F2Nw9R4O9MoqAg==
.px.mountain.com/	1970-01-20 21:44:49	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA
.snapchat.com/	1970-01-20 21:30:25	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIQNyQc8ToFRxvm1U8wSd+CJkJyL4VYqi7LN2V2m1c8JFBtH6UH7DTMgAAAA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 28) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src ; child-src ; report-uri /report-csp-violation
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4bbb217ea6254403aa185676f44c955f.js.ubembed.com
aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
alb.reddit.com
amazon.partners.tremorhub.com
analytics.twitter.com
assets.gospringboard.io
assets.ubembed.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.linkedin.oribi.io
cm.g.doubleclick.net
cm.teads.tv
cms.analytics.yahoo.com
connect.facebook.net
data.adxcel-ec2.com
dpm.demdex.net
dsum-sec.casalemedia.com
dx.mountain.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gs.mountain.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
lciapi.ninthdecimal.com
loadus.exelator.com
match.360yield.com
my.hellobar.com
odr.mookie1.com
p.teads.tv
pi.ispot.tv
pix.pub
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
public-prod-dspcookiematching.dmxleo.com
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.amazon-adsystem.com
s.yimg.com
sb.scorecardresearch.com
sc-static.net
secure-ds.serving-sys.com
secure.quantserve.com
snap.licdn.com
sp.analytics.yahoo.com
ssum-sec.casalemedia.com
static.addtoany.com
static.ads-twitter.com
sync-amazon.ads.yieldmo.com
sync.search.spotxchange.com
sync.taboola.com
t.co
t.myvisualiq.net
t.teads.tv
tags.bluekai.com
tags.srv.stackadapt.com
token.rubiconproject.com
tr.snapchat.com
trkn.us
uipglob.semasio.net
up.pixel.ad
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
userouto.novemberrain.lol
usersync.samplicio.us
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
www.linkedin.com
www.redditstatic.com
x.bidswitch.net
104.102.35.84
104.244.42.67
104.244.42.69
104.76.200.221
108.138.15.119
108.138.17.124
13.107.42.14
13.248.245.213
13.32.99.105
141.226.228.48
142.250.184.194
142.250.185.66
143.204.207.250
146.75.120.157
151.101.129.131
151.101.130.132
151.101.194.137
162.247.243.29
178.79.242.181
18.211.112.232
185.64.191.210
185.80.39.216
185.86.138.155
185.94.180.126
188.65.124.66
195.88.24.26
198.47.127.19
2001:4860:4802:34::36
212.82.100.181
212.82.100.182
23.212.89.35
23.55.110.193
23.55.110.200
2600:1f18:612b:4216:2976:fb7:a48b:c1b5
2600:9000:20eb:ac00:2:53b2:240:93a1
2600:9000:223c:8c00:6:44e3:f8c0:93a1
2606:4700:10::6816:47c5
2606:4700:10::6816:f17
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:803::200e
2a00:1450:4001:806::2004
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a02:26f0:480:f::213:7edd
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::396
2a04:4e42::396
3.75.62.37
3.77.69.115
34.160.236.64
34.212.4.35
34.243.48.125
34.98.64.218
35.157.143.185
35.190.43.134
35.71.131.137
35.85.106.161
37.157.5.84
37.252.173.215
45.79.141.248
52.21.14.181
52.215.230.29
52.22.50.55
52.222.214.106
52.222.236.119
52.222.236.205
52.3.183.164
52.46.128.147
52.59.128.150
52.7.151.245
54.144.30.117
54.154.12.56
54.175.167.136
54.227.216.222
54.229.183.59
54.78.254.47
54.93.150.94
69.173.144.139
69.173.144.165
77.243.51.121
98.98.134.242
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
01b4060f6ed05c08974913a5ee1e7c38fb5159e2e9b309ca4d91092f3fd720d4
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
05cb641ad248bc8a5673d34e27f6c83126cf4bf4ed22518d7f66bc84b7207328
06d6a4c376219d95f3e92d90cd4007889f5af832441518770f1fd8ef1092b195
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
17f55f6ac6729273c93d0db2ef9708c9fb1f020d2587af6d8dda75cf4b6d7ee5
1968797feeb7299ced9f755a33a5c4cadf9a19a20b78b2887b7e1cfda9e03442
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e73bca8212902da66af262a207df3ae8596744fb58d4124023b09d451e92df9
1fbe9acb72e9dac130310cd520d4b9b47b60e0cf134a106f8c4027da2368cc6b
20b642d6d84bdb3f22bd739729db385a9fb781779304e542003c2967cef98600
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
22d4b861bf339d524ff8e0fb180120cd4cda36278df19e2c3786b95815106857
2487f7c761ad964af8fdc9d239429ed1dbab9df96cc873f093ee6ce5ba7a9084
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
265d03e9fc1805d7ad7402549186afb50ffcd77aa60e1b5f67af96495b9dd9ff
272d70a4e90533a68eb205eacbe7f33a80d33e921c387a01c434f4f065587bb2
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3291a8dda2b3526374424813e602f0976e357f49a57c17eff110cf88e66d8d01
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37676dde49b749863927272eb0466874471bac9fde05ec9d20ac78053c1a70ba
3a7e7d370f249606227cbf9136005dca302328ca0e86520bd58ce3f4077e969e
3ca0c58949bc5722a3f490f43613ffd43afa90e675860ff5af41cb8f4d8da20c
3d2e9ffe6408d315a1714d77836adfcadfae09ea7f16b64917f5c398c1f167b6
3dd76bc7712b8e7b2c6437fb5ee592edfcb5f6095c4b54ed2f6b13b4f04d8bd4
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
4385e90fa0aa28cbc339850c4e9a38e30ee04688f3c887de15a384d51f9598a8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49843b715b44efd27ac63cbd2135c6d08fb2eee9b6826eb88b97639f8aa04346
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
511f133763db7d1a8e9e60e7def69b2664d6232ff3305c394ce4b60c02c93af1
518e1535c9ec822b813206fbc3f5d5dfdf755746f754b6b278456ce6d8405c90
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
5918130f071d4e4d8ea0f117b7d2cdf13c212ebe3cca492065785992c5cbb3fb
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5e99b03ae9d10aab7c83873f900d60866460c3624f14f1f47e1af750b6e2446f
5f1b9d0b9bbcb9cb68eca37e238a23a17874eb6da5be653d16988c3e104bbd61
5f8705787aa128d5b15d766dab7a7977e9f969959962698923c8b15568aad1e4
63cabaee9065b0bd4b54afe25a8c23ce70e7f48ac39d9389d5001d185aa2d1d2
63d59102dba907bb4e57556b856731cda774fb6deaba4dc95ab813fa995b6c09
65fd05594c180e270988f3b29ce7b4227336d34ed3fa086575729cd872a5fb2d
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6b064d595f94041974d37017a1ed1dff0501e772fe7fcd092c53afe972d5c10a
6e8c8c34a8f59b73b450cf61bb8f614f5e4a1e3d1568899d2b3748c689579140
704d84bb9b6b9ae3ae19d749a6bd0abb9ba6fd1e1750a4347113788000f7dfa8
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
72d9545193a0d3a09eecde08fa10a652297cb3cd0a780e5c07c8a5e3e803ebd6
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
74c84b41428c17721d614ffdc1e5fc44738202421c5fdc54a4119ada7285964a
754acb7f1683954de7697922bdf7d8c246e3ed168174c82eacf186bafa933915
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d17ccafdf7f27acde8f67660f25ce5fa15ed757de46311aebbf25cec29a7686
7fb2bb5e65e819d72dd3267f270d16b79f9d943826b7be4c612aa4dd6c7ec3f2
810e791abda0ad32934a4946ea33304c17507992f3a06e98219f9d2409a29552
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85dac1b05a9c46d072b65226ede0449fae1edc0c754a2ab596dd4f41107642cd
8839f0a1878a49b9c425c4ffcc582055668abbf7812c8adb05cff33b47c0b591
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ea7dba818e02603c9ac7d5f14a7a9a3e35ee91fd7674d2772435b2ded651578
8ebe96dc5f57b99a66cd43b948c08f1238776a8be937481304cf56b8d8b131ed
9140965a79007b803abcbe7975aa4cd843ff3940613fe6bd4aafc9206263fb95
93b21afa249940f18b6d753fc0d4f0bb26abc5e9e36f04157f1f844d6aa3330a
9584e01c9e0b3e5a9eab6e960eeda441896c6f0da4d40062a4925b9f63370738
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9207f2f5e1bc2e372972a623a948cf1d1f80fba52714bd811e6913519eb62c
9bdeba67a5e0f64db65210a03aa5c808e21ec02a5cff47bce7611b6ade9ee9e0
9f015a1988ca9904199b1f6947009cedfefe5f2de7b8e7d28ba0ad041a2146ee
9feae130e6a32a30244b79ccbaed4ccd6cff03a85318b505deb76e09be5ef52c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1245c74d12f28b590bf2ac65a4d3208a6f70c53690e34b86d43cc4aec0882bc
a4295846504ee0fa4d262411d4f0ed450f8acc152db4eb1bec5c6f07db0273c7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
add15dc979f5fb1e6e6bfbd5010922b14bf9eaa026cd738a81a9f0f2f9a69c8f
ae3e692e2a584c5c4c1cf0a1d4d8fb7d6ba0b00794ca7f05c56b2d24221dc058
b0cc9a2cf38a0cc4dca290f198ff87deeaa70dbb397165d15b5e7a69efc018c2
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3b59c4ad52bea1bb816fdbb0d94c834fccf723b80ccd26878811a89d68b42f4
b5a7688ddc9940927ee3570729224861d9d9e5783f718adc26a0d887d26a03a4
b6979e6df6de3479cee7b8e302e95c6887e7caf4756536272033cf159f331d44
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
b990373fcc75a911c5a819a789bd68e0613388db0604eaba29241bcb308304d3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be28728d2d9acb8af7e395711558af7cd95441c7be3856aea4ee3184a6c065f6
bea4e5a6c5a8bf710766cd085eaa064d8a57b4865e866df47b46b285ab7bae40
bfe1ff2b4a13e4d104ed667fb1942de59ae436e9e5c833a8632ce70698c64280
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5100cd90a95aa459fe237adc409043e20f8fd06caa5cd3b74d66f79387ae0fb
c7181f66fd7038a68b26cbb290d8af50cbcce22e24737373fe69bb8f925a5fd9
c832c41ec62d0a9856c0ca5550a9b67c56bb7899f6901a0423c11206844de5c2
c8bf7e6d180152f93b423487d4a6d9d2ab350acf9ef307d952b95b44f43c1c08
c93b08e813b2d06bdb0d864c11abe5827bd58dffd80c94be46716e29f695bbf1
c9b71c5eaa38cdc096b9155d085559cbd569e299c476f5f649dea619afe869f6
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0374d60078f13cdbffa04c0475de553a185b8395367601466b3821417b75d56
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
dba01913983f6488a10f5ebba9cc7a9b34940a7b7740759e346ed68a536cba82
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
deb18835a4b0465a02771e3ff806361227270da1c5531bba824f0907c3298372
e1696dc35f72dece9399a42aeed5a4a5065e5af2429d8ee52bad9f0a76f7249f
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79bb1abbc7abb7e99989699b08d664e75c304396eeef74206270f3e64df4414
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e80082c29c65cb2ebe469a2ebe31c1fd9eaecd912ab5b9f730ae862dc674aa2d
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
ee034a6cfa166960dac8b3faed99d2f0393468053f3e32d1c80c677d549f38a5
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f86e410254aa1f9ffcf3b4ec2aeb34f6f3e9ccd5e336274c24b15866321f89df
fc8530ea4ddaa58f89055cfe45cf74858650c40cc7d6d81aefb5600be61c2c27

userouto.novemberrain.lol Open in urlscan Pro 195.88.24.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

198 Requests

83 %HTTPS

25 %IPv6

73 Domains

91 Subdomains

61 IPs

8 Countries

3668 kBTransfer

5878 kBSize

80 Cookies

10 Outgoing links

Redirected requests

198 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userouto.novemberrain.lol Open in urlscan Pro
195.88.24.26 Public Scan

Screenshot
Live screenshot

Full Image

198
Requests

83 %
HTTPS

25 %
IPv6

73
Domains

91
Subdomains

61
IPs

8
Countries

3668 kB
Transfer

5878 kB
Size

80
Cookies

198 HTTP transactions
0 data transactions