urlscan.io logo urlscan.io
SecurityTrails logo

www.dailythanthi.com Open in urlscan Pro
2a02:26f0:6c00:29c::3975  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.dailythanthi.com/
Submission: On May 31 via manual from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 11 countries across 99 domains to perform 433 HTTP transactions. The main IP is 2a02:26f0:6c00:29c::3975, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.dailythanthi.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 11th 2021. Valid for: a year.
This is the only time www.dailythanthi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
19 142.250.181.226 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
7 15 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
7 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 13.227.156.91 16509 (AMAZON-02)
16 2a04:4e42:1b:... 54113 (FASTLY)
4 13.226.158.204 16509 (AMAZON-02)
3 199.232.137.44 54113 (FASTLY)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 5 13.226.159.88 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.226.159.25 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.226.159.21 16509 (AMAZON-02)
1 54.213.1.67 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.105.34.228 63949 (LINODE-AP...)
1 2a00:1450:400... 15169 (GOOGLE)
1 51.77.64.70 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.36.109.22 16276 (OVH)
1 35.156.10.121 16509 (AMAZON-02)
1 213.19.147.42 3356 (LEVEL3)
2 178.250.2.131 44788 (ASN-CRITE...)
7 54.246.172.223 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
4 51.38.120.206 16276 (OVH)
2 192.96.200.41 30633 (LEASEWEB-...)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 2 216.52.2.19 29791 (VOXEL-DOT...)
4 8 37.252.172.249 29990 (ASN-APPNEX)
15 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 37 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1901:0:7... 15169 (GOOGLE)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 2620:116:800d... 16509 (AMAZON-02)
1 1 34.246.227.69 16509 (AMAZON-02)
6 18 142.250.186.98 15169 (GOOGLE)
1 1 18.194.175.178 16509 (AMAZON-02)
2 3 35.244.174.68 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
1 2 2a05:d01c:1d8... 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 23.45.99.241 16625 (AKAMAI-AS)
2 2 185.94.180.125 35220 (SPOTX-AMS)
3 4 185.64.189.115 62713 (AS-PUBMATIC)
1 10 185.64.189.110 62713 (AS-PUBMATIC)
2 2 3.126.63.176 16509 (AMAZON-02)
3 3 18.156.0.31 16509 (AMAZON-02)
1 1 52.56.111.113 16509 (AMAZON-02)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2a02:2638::1c 44788 (ASN-CRITE...)
1 54.171.232.254 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 6 34.98.64.218 15169 (GOOGLE)
1 1 2.18.234.21 16625 (AKAMAI-AS)
1 2 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 217.182.200.20 16276 (OVH)
1 34.120.25.144 15169 (GOOGLE)
4 2.18.233.180 16625 (AKAMAI-AS)
1 2620:1ec:bdf::67 8068 (MICROSOFT...)
1 104.17.119.107 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.113.108 54113 (FASTLY)
18 54.77.19.59 16509 (AMAZON-02)
2 67.202.110.24 32748 (STEADFAST)
5 185.86.137.121 201081 (SMARTADSE...)
6 6 213.19.147.44 3356 (LEVEL3)
7 7 76.223.111.131 16509 (AMAZON-02)
1 52.203.172.63 14618 (AMAZON-AES)
1 1 88.214.206.247 46636 (NATCOWEB)
2 2 193.0.160.128 54312 (ROCKETFUEL)
5 6 37.157.2.237 198622 (ADFORM)
2 2 213.155.156.184 1299 (TELIANET ...)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 3 54.246.13.173 16509 (AMAZON-02)
1 1 162.55.6.213 24940 (HETZNER-AS)
3 3 185.29.135.226 30419 (MEDIAMATH...)
2 185.64.189.114 62713 (AS-PUBMATIC)
2 3 146.59.148.16 16276 (OVH)
2 2 52.48.248.240 16509 (AMAZON-02)
2 2 18.198.69.109 16509 (AMAZON-02)
1 159.253.128.188 36351 (SOFTLAYER)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
6 7 18.185.140.232 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
3 4 151.101.114.49 54113 (FASTLY)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 37.252.173.27 29990 (ASN-APPNEX)
1 1 185.183.112.155 60350 (VP)
2 2 3.127.51.194 16509 (AMAZON-02)
1 1 70.42.32.127 22075 (AS-OUTBRAIN)
1 1 54.87.192.123 14618 (AMAZON-AES)
1 1 23.22.239.72 14618 (AMAZON-AES)
1 150.136.156.92 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 70.42.32.63 22075 (AS-OUTBRAIN)
2 2 18.185.206.125 16509 (AMAZON-02)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 18.195.155.181 16509 (AMAZON-02)
1 1 202.241.208.100 4694 (IDCF IDC ...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 104.111.239.217 16625 (AKAMAI-AS)
3 46.236.13.147 24931 (DEDIPOWER)
2 13.226.159.110 16509 (AMAZON-02)
1 81.29.72.47 24931 (DEDIPOWER)
2 52.209.181.46 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
433 97
20    2a02:26f0:6c00:29c::3975 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.dailythanthi.com
19    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
15    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
34    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2a02:26f0:6c00:2b8::3975 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img.dailythanthi.com
1    13.227.156.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-156-91.muc51.r.cloudfront.net
ads.rwadx.com
16    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net
c.amazon-adsystem.com
3    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    13.226.159.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-88.dus51.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:2182:d200:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
13    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
3    2606:4700::6812:d6b (United States)

ASN13335 (CLOUDFLARENET, US)
adgebra.co.in
1    13.226.159.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-25.dus51.r.cloudfront.net
certify-js.alexametrics.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3177363cb3f4f6203a894876a9c99928.safeframe.googlesyndication.com
42    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
17    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.226.159.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-21.dus51.r.cloudfront.net
certify.alexametrics.com
1    54.213.1.67 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-1-67.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.105.34.228 (Mumbai, India)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1986-228.members.linode.com
covidapi.unibots.in
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    51.77.64.70 (France)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.36.109.22 (France)

ASN16276 (OVH, FR)
PTR: p09.id5-sync.com
id5-sync.com
1    35.156.10.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
7    54.246.172.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    192.96.200.41 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
cpm.fmlabsonline.com
2    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
8    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
15    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2606:4700::6812:417 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
37    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
s.tribalfusion.com
a.tribalfusion.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
13    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
3    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
1    34.246.227.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
18    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    18.194.175.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
id.rlcdn.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
2    2a05:d01c:1d8:8102:5af6:b07b:462f:23c8 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
ad4mat.net
11    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
10    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    3.126.63.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.56.111.113 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
aa.agkn.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    54.171.232.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-232-254.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
eu-u.openx.net
1    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    217.182.200.20 (France)

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl
googlecm.hit.gemius.pl
1    34.120.25.144 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 144.25.120.34.bc.googleusercontent.com
public-prod-dspcookiematching.dmxleo.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2620:1ec:bdf::67 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
1    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
18    54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
g2.gumgum.com
rtb.gumgum.com
2    67.202.110.24 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-110.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
5    185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
6    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
7    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    52.203.172.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-172-63.compute-1.amazonaws.com
jadserve.postrelease.com
1    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.184 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    54.246.13.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-13-173.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de
csync.loopme.me
3    185.29.135.226 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: ns3181477.ip-146-59-148.eu
pixel.onaudience.com
2    52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
2    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loada.exelator.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
7    18.185.140.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    3.127.51.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
1    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    23.22.239.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    18.185.206.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
1    202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
3    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
2    13.226.159.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-110.dus51.r.cloudfront.net
analytics.webgains.io
analytics-wg.webgains.io
1    81.29.72.47 (Croydon, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net
diapi.webgains.com
2    52.209.181.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
api.webgains.io
2    2a00:1450:4001:82a::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
w-it.m-t.io
Apex Domain
Subdomains		 Transfer
77 googlesyndication.com
pagead2.googlesyndication.com
3177363cb3f4f6203a894876a9c99928.safeframe.googlesyndication.com
tpc.googlesyndication.com
1 MB
47 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
229 KB
37 tribalfusion.com
s.tribalfusion.com
a.tribalfusion.com
23 KB
27 dailythanthi.com
www.dailythanthi.com
img.dailythanthi.com
548 KB
26 pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
49 KB
22 google.com
www.google.com
cse.google.com
adservice.google.com
5 KB
18 gumgum.com
g2.gumgum.com
rtb.gumgum.com
5 KB
16 jsdelivr.net
cdn.jsdelivr.net
469 KB
15 ampproject.org
cdn.ampproject.org
299 KB
13 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
383 KB
12 googletagservices.com
www.googletagservices.com
389 KB
12 gstatic.com
www.gstatic.com
ssl.gstatic.com
fonts.gstatic.com
316 KB
11 cloudflareinsights.com
static.cloudflareinsights.com
55 KB
11 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
25 KB
8 openx.net
rtb.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
8 servenobid.com
ads.servenobid.com
public.servenobid.com
5 KB
7 bidswitch.net
x.bidswitch.net
3 KB
7 adsrvr.org
match.adsrvr.org
3 KB
7 google.de
adservice.google.de
www.google.de
1 KB
6 adform.net
c1.adform.net
3 KB
5 smartadserver.com
ssbsync.smartadserver.com
1 KB
5 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
4 KB
5 everesttech.net
pixel.everesttech.net
sync-tm.everesttech.net
2 KB
5 1rx.io
tag.1rx.io
sync.1rx.io
3 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
4 webgains.io
analytics.webgains.io
api.webgains.io
analytics-wg.webgains.io
105 KB
4 webgains.com
track.webgains.com
diapi.webgains.com
98 KB
4 onetag-sys.com
onetag-sys.com
2 KB
4 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
1001 B
4 googleadservices.com
partner.googleadservices.com
765 B
4 google-analytics.com
ssl.google-analytics.com
www.google-analytics.com
36 KB
4 facebook.net
connect.facebook.net
163 KB
4 amazon-adsystem.com
c.amazon-adsystem.com
36 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 rlcdn.com
id.rlcdn.com
1 KB
3 quantserve.com
cms.quantserve.com
pixel.quantserve.com
1 KB
3 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
ad4mat.net
3 facebook.com
www.facebook.com
400 B
3 adgebra.co.in
adgebra.co.in
4 KB
3 taboola.com
cdn.taboola.com
142 KB
2 m-t.io
w-it.m-t.io
280 B
2 awin1.com
www.awin1.com
1 KB
2 creativecdn.com
creativecdn.com
695 B
2 360yield.com
ad.360yield.com
617 B
2 zemanta.com
b1sync.zemanta.com
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 exelator.com
loada.exelator.com
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net
988 B
2 de17a.com
d5p.de17a.com
637 B
2 rfihub.com
p.rfihub.com
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
938 B
2 33across.com
pixel.33across.com
ssc-cms.33across.com
2 rubiconproject.com
pixel.rubiconproject.com
698 B
2 googleapis.com
fonts.googleapis.com
1 KB
2 criteo.net
static.criteo.net
53 KB
2 advertising.com
pixel.advertising.com
695 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 bluekai.com
tags.bluekai.com
stags.bluekai.com
2 KB
2 innovid.com
ag.innovid.com
686 B
2 agkn.com
d.agkn.com
aa.agkn.com
1 KB
2 exponential.com
tags.expo9.exponential.com
28 KB
2 lijit.com
ap.lijit.com
1 KB
2 aralego.com
hb.aralego.com
sync.aralego.com
448 B
2 emxdgt.com
hb.emxdgt.com
cs.emxdgt.com
163 B
2 alexametrics.com
certify-js.alexametrics.com
certify.alexametrics.com
3 KB
2 izooto.com
cdn.izooto.com
41 KB
1 socdm.com
tg.socdm.com
692 B
1 contextweb.com
bh.contextweb.com
383 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
614 B
1 outbrain.com
sync.outbrain.com
627 B
1 adotmob.com
sync.adotmob.com
684 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 acuityplatform.com
ums.acuityplatform.com
706 B
1 simpli.fi
um.simpli.fi
610 B
1 loopme.me
csync.loopme.me
212 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 admanmedia.com
cs.admanmedia.com
394 B
1 postrelease.com
jadserve.postrelease.com
428 B
1 aralego.net
cdn.aralego.net
1 KB
1 brealtime.com
biddr.brealtime.com
1 KB
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com
176 B
1 gemius.pl
googlecm.hit.gemius.pl
339 B
1 casalemedia.com
dsum-sec.casalemedia.com
1 KB
1 krxd.net
beacon.krxd.net
337 B
1 fmlabsonline.com
cpm.fmlabsonline.com
267 B
1 id5-sync.com
id5-sync.com
538 B
1 ip-api.com
pro.ip-api.com
194 B
1 unibots.in
covidapi.unibots.in
11 KB
1 googletagmanager.com
www.googletagmanager.com
35 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 imrworldwide.com
secure-gl.imrworldwide.com
430 B
1 rwadx.com
ads.rwadx.com
14 KB
433 99
Domain Requested by
42 tpc.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.dailythanthi.com
cdn.ampproject.org
googleads.g.doubleclick.net
34 pagead2.googlesyndication.com www.dailythanthi.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
s.tribalfusion.com
www.googletagservices.com
26 s.tribalfusion.com tags.expo9.exponential.com
s.tribalfusion.com
static.cloudflareinsights.com
20 www.dailythanthi.com www.dailythanthi.com
18 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
www.dailythanthi.com
g2.gumgum.com
17 rtb.gumgum.com public.servenobid.com
g2.gumgum.com
16 cdn.jsdelivr.net www.dailythanthi.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
15 www.google.com 7 redirects tpc.googlesyndication.com
www.dailythanthi.com
googleads.g.doubleclick.net
15 securepubads.g.doubleclick.net www.dailythanthi.com
securepubads.g.doubleclick.net
www.googletagservices.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
12 www.googletagservices.com pagead2.googlesyndication.com
www.dailythanthi.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
11 a.tribalfusion.com 4 redirects s.tribalfusion.com
11 static.cloudflareinsights.com s.tribalfusion.com
10 simage2.pubmatic.com 1 redirects ads.pubmatic.com
8 ib.adnxs.com 4 redirects cdn.jsdelivr.net
acdn.adnxs.com
7 x.bidswitch.net 6 redirects ads.pubmatic.com
7 match.adsrvr.org 7 redirects
7 ads.servenobid.com cdn.jsdelivr.net
public.servenobid.com
ssbsync.smartadserver.com
g2.gumgum.com
7 img.dailythanthi.com www.dailythanthi.com
6 assets.ad4m.at as.ad4m.at
6 c1.adform.net 5 redirects ads.pubmatic.com
6 fonts.gstatic.com fonts.googleapis.com
6 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 image2.pubmatic.com ads.pubmatic.com
5 ssbsync.smartadserver.com public.servenobid.com
ssbsync.smartadserver.com
5 us-u.openx.net 3 redirects s.tribalfusion.com
www.dailythanthi.com
5 ad4m.at googleads.g.doubleclick.net
ad4m.at
5 sb.scorecardresearch.com 2 redirects www.dailythanthi.com
5 www.gstatic.com www.dailythanthi.com
www.google.com
googleads.g.doubleclick.net
4 sync-tm.everesttech.net 3 redirects g2.gumgum.com
4 sync.1rx.io 4 redirects
4 ads.pubmatic.com cdn.jsdelivr.net
ads.pubmatic.com
g2.gumgum.com
4 image6.pubmatic.com 3 redirects ads.pubmatic.com
4 onetag-sys.com cdn.jsdelivr.net
public.servenobid.com
4 partner.googleadservices.com pagead2.googlesyndication.com
4 connect.facebook.net www.dailythanthi.com
connect.facebook.net
4 c.amazon-adsystem.com www.dailythanthi.com
c.amazon-adsystem.com
3 track.webgains.com as.ad4m.at
analytics.webgains.io
3 pixel.onaudience.com 2 redirects ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 id.rlcdn.com 2 redirects googleads.g.doubleclick.net
3 www.facebook.com www.dailythanthi.com
connect.facebook.net
3 adgebra.co.in www.dailythanthi.com
adgebra.co.in
3 cdn.taboola.com www.dailythanthi.com
cdn.taboola.com
2 w-it.m-t.io analytics-wg.webgains.io
2 api.webgains.io analytics.webgains.io
2 www.awin1.com as.ad4m.at
2 as.ad4m.at ad4m.at
as.ad4m.at
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 secure.adnxs.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 p.rfihub.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 pixel.rubiconproject.com 1 redirects s.tribalfusion.com
2 fonts.googleapis.com tpc.googlesyndication.com
googleads.g.doubleclick.net
2 static.criteo.net cdn.jsdelivr.net
static.criteo.net
2 pixel.advertising.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 ag.innovid.com 1 redirects googleads.g.doubleclick.net
2 rtb.openx.net 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 tags.expo9.exponential.com securepubads.g.doubleclick.net
2 ap.lijit.com 1 redirects cdn.jsdelivr.net
2 bidder.criteo.com cdn.jsdelivr.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ssl.google-analytics.com 1 redirects www.dailythanthi.com
2 cdn.izooto.com www.dailythanthi.com
cdn.izooto.com
1 analytics-wg.webgains.io analytics.webgains.io
1 diapi.webgains.com track.webgains.com
1 analytics.webgains.io track.webgains.com
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 ssc-cms.33across.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.outbrain.com 1 redirects
1 eu-u.openx.net 1 redirects
1 sync.adotmob.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 jadserve.postrelease.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 sync.aralego.com cdn.aralego.net
1 acdn.adnxs.com cdn.jsdelivr.net
1 cdn.aralego.net cdn.jsdelivr.net
1 biddr.brealtime.com cdn.jsdelivr.net
1 public.servenobid.com cdn.jsdelivr.net
1 public-prod-dspcookiematching.dmxleo.com s.tribalfusion.com
1 googlecm.hit.gemius.pl 1 redirects
1 dsum-sec.casalemedia.com 1 redirects
1 beacon.krxd.net s.tribalfusion.com
1 gum.criteo.com static.criteo.net
1 aa.agkn.com 1 redirects
1 tags.bluekai.com 1 redirects
1 ad4mat.net ad4m.at
1 static-de.ad4mat.net ad4m.at
1 d.agkn.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 cpm.fmlabsonline.com cdn.jsdelivr.net
1 hb.aralego.com cdn.jsdelivr.net
1 hbopenbid.pubmatic.com cdn.jsdelivr.net
1 tag.1rx.io cdn.jsdelivr.net
1 hb.emxdgt.com cdn.jsdelivr.net
1 id5-sync.com cdn.jsdelivr.net
1 pro.ip-api.com cdn.jsdelivr.net
1 covidapi.unibots.in www.dailythanthi.com
1 www.googletagmanager.com www.dailythanthi.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.dailythanthi.com
1 certify.alexametrics.com www.dailythanthi.com
1 www.google.de www.dailythanthi.com
1 stats.g.doubleclick.net 1 redirects
1 3177363cb3f4f6203a894876a9c99928.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 certify-js.alexametrics.com www.dailythanthi.com
1 ssl.gstatic.com www.gstatic.com
1 secure-gl.imrworldwide.com www.dailythanthi.com
1 ads.rwadx.com www.dailythanthi.com
1 cse.google.com www.dailythanthi.com
433 142
Subject Issuer Validity Valid
*.dailythanthi.com
Go Daddy Secure Certificate Authority - G2		 2021-01-11 -
2022-02-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-14 -
2021-08-14		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
events.rwadx.com
Amazon		 2020-09-27 -
2021-10-29		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-18 -
2022-03-26		 10 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-01		 a year crt.sh
www.adgebra.co.in
Go Daddy Secure Certificate Authority - G2		 2019-12-26 -
2022-01-07		 2 years crt.sh
certify-js.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
cricket.unibots.in
R3		 2021-05-01 -
2021-07-30		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-05 -
2021-11-04		 2 years crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.servenobid.com
Amazon		 2021-02-12 -
2022-03-13		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
*.fmlabsonline.com
Certum Domain Validation CA SHA2		 2021-01-06 -
2022-01-06		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
exponential.com
Cloudflare Inc ECC CA-3		 2021-04-21 -
2022-04-20		 a year crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2		 2019-08-06 -
2021-09-08		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2021-04-18 -
2021-07-17		 3 months crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
www.awin1.com
DigiCert Secure Site ECC CA-1		 2020-04-21 -
2021-07-21		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
w-it.m-t.io
GTS CA 1D4		 2021-04-09 -
2021-07-09		 3 months crt.sh

This page contains 70 frames:

Primary Page: https://www.dailythanthi.com/
Frame ID: CD4D1BD352883E2F47D329B0E9C185FD
Requests: 122 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: 684E4763C2CE822C0694133A387FE104
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=280&slotname=5090965374&adk=3391107727&adf=470411946&pi=t.ma~as.5090965374&w=336&lmt=1622424746&psa=0&format=336x280&url=https%3A%2F%2Fwww.dailythanthi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425135526&bpp=4&bdt=246&idt=355&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7695781475912&frm=20&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3964979307402083&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4VbjCURqqa&p=https%3A//www.dailythanthi.com&dtd=370
Frame ID: BE3ED1D67262EF3E40C941EDBB77D114
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&adk=1812271804&adf=3025194257&lmt=1622424746&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425135808&bpp=1&bdt=528&idt=115&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=7695781475912&frm=20&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3964979307402083&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=126
Frame ID: 16CD158C08FA9A12739EFD678B9DFC53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6376205116838079&output=html&adk=1812271804&adf=1573534164&lmt=1622424746&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136041&bpp=1&bdt=760&idt=0&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc15c5e7fd1b40a52-227224a54dc8007f%3AT%3D1622425135%3ART%3D1622425135%3AS%3DALNI_MZ-iqcjq-gqZP2h2WtNRHME3lHRhA&prev_fmts=336x280%2C0x0&nras=2&correlator=7695781475912&frm=20&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3964979307402083&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=32&uci=a!w&fsb=1&dtd=3
Frame ID: A6C88C59890F62C31120FD9B97B76BF2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: AEED56DB18A7B541E35B89DBD7FEBED7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D987CA196D8A6D95662118FD93FA77D2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Frame ID: E74BF672D2A14443ABE2D15F5B037DA3
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXulnbaEfji3XIXNtJ8MBgCsG6NNbJa4fDjzeR7YC5IhnAuybO3tMWVkc-CkmOdgIOT0wb7rs7UvYhHGTxnDOW2iMuCjjeIkE4qTrLAPqn8xJSWHVg1XW37AyUJMTp1_uNSLME5IQh-QUPJmgHUbP9WCK-KB7J2Pa9rdVy1DsIHMhg7tGgCXc7aUOzmd_10YDHMabvJgNZl91KPhGNnaXYwTP_jOI5nxXVc2g_e3PwG5eCWemaM1EKkqM42ma4yqxYHlXoiNkWqsEHD5vjzr8U_rl0vY3e83uPr2LorNRQRWsxLA1xPJy1zu334fA&sai=AMfl-YTPZx8CFmMD_vE2Bg10oOCVv1fIbt7Rjw-aaFgPVFkqv-nz_HOX-1o55q3CdqsTulvUEbgvXNE-m4KhbaMi8YbxrubA-lAenseBbOxMAZS1ETNx__kMRRPZgdjS5yI&sig=Cg0ArKJSzH3TqjRXIxlTEAE&urlfix=1&adurl=
Frame ID: 57612B07907730A9856CD64CFA09DF48
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRxMYwyh316z8lg2Xy22ke9U5spk2KQoNKlSlnVxLMEF65g7q-jes5kZ7S8mQLlvOx-2BvvFxoM5JyJkbQRKqMrxeahgNEdlnanhdSRlpiJLfX0nNsTgP4cfChZhxgJKVpgDo0BAhwMi0NmKQOyQ8lYuBqrGinv_zu4NDp9lME7MsjHKTDLDBVYoShCwWpZk7to_HZUer0eLiRGmHgLIUwQsPb0aUuPRiUDTsl9l32efID5IDJtRFpHpEWcVA6bdpRw-TJ_G16LYnR76HJJjA8jxm6N6OXwUiZlllRMcp25VTBgTBFQg&sai=AMfl-YQ3lLJFpt7radZGnNie8PGmRQwNX6BagmaRkom4qjCwCk_JW6e0GJZM860FyZEz5zyj7i0eGI_hpBpMy2PEutdj5qC9BcPwH4CRRkvHpEako_0NOrRGpXP14L4kaxg&sig=Cg0ArKJSzN7tXGAAOrJhEAE&urlfix=1&adurl=
Frame ID: DD1769489867B7FDE51F78926C2E82C3
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Frame ID: C802A67B3D4AE3BDFD917A661A618E95
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1IJ8yBK6r14SeUZV-5ViLKKiXkIlma0zjHP54b3wzb2jIGXGlfiDAHBVZEpfs-b5TjgzsWCFoOI0gI8RgkB-J4__A-vuJb4_oS7lqAZazopm86n5mdb9fgpo0E10uDSz2AhT5CcUiJ7pg5GU4vfe6fvXHTfMzwmCZDQactXDXJIq8lbWjNdmGtQnhAq6LgcNdhY1q2qcj1BUunyP30Z51e27LpulX89aUejt7Oa2mmOQ0k68iJFzXlt6TYBVg8cruYDyKXKg9gQOdl-ec89NeisXovkaQLPeJu52AAXYEY9qbxg&sai=AMfl-YRCP0eB1wZwEedd4I9OBM41JGV3gKWnjj_LP0wnxaHvE_I7UXL8TDbEH5Kg2tFgAgakhufPF6TqKn3rDeXHYWcn13GdTVgHCZfqSkGM9vjeDiozc6hw3TnuV_y2rwg&sig=Cg0ArKJSzHmFQAsvbxQuEAE&urlfix=1&adurl=
Frame ID: 0ABC39C86815F8264DA8D1E50ACF9101
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2bbXQBC9Kl7OFEhcJJGMki7mo-4WD3ux30cEz3A-m-nnSvBQw7ndv7m5UcsNIkHAN3s2O6ZEPe4_wFWM2uPC9hw7Wq12s2ImZNt7yn6JpcTJ_rBYjclzw0xHUUEalWz29oDh7Pd2s1Gv7MgdiOHdzvaYQqd2Hylx56sUc2HWFJK66cJZdYfs5Q9G7qT8YUe-47MLZi0LDIp5GGGHThkp8gIzxAQCQd2dKAttGMjtEWKikVq8nReNV-npdRT7UQBAES3205HMm-qDL7yjhTmE5jqmc_oRFvuv7P4seb3-TtLLkHQ&sai=AMfl-YTB-ILxP94ZwLpWGZsk6tr5UK23FvC-66tm-ZkoEQqjjznT1s72Zsd59O-5rMrGHfqhmEH0i_g6TekaEMsTk1MrqfFeb-VDKfFc7CzLpWOx8fbHJvxII3cxuH8PJpY&sig=Cg0ArKJSzHrGDUAgwgmhEAE&adurl=
Frame ID: DEC924A367FC0CA63F24B0B0AEC45CC1
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Frame ID: 5D3FED0EE8F1F9DD004FD18AB5D29B5F
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Frame ID: 1C229F650553FEA7290C2AC1008491A1
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1k6y18rzd9b8djxr3xn8vh4sq7eezrm2ny5hze0ffdm7fjvxnc41q697mada9y8zmnjpddfm7ch4rs9mabjwedpqrcg7tt0gn4j7qj6s98yhdtap639p9qntcy0d22016nzh653qecdcq4k8m18f3rr0smkr88sxkppvczy4drdcdphs4z0a41p1tnq1b9sbvx0y05r8xtfvyw0g2yh49k383y536a4wn42qmax03yxk70esct13x0hw6fxpqh6t1evh8k9zbk2m3tjygwv2eq79nhg4j3mdbbzzpk6htf2vxr5v6at0wm55qrtv9kztv4zwpmfh2f23vqjbyk495rn9em06pb72a3gbksrb76158r5bq4h867mec000&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%26client%3Dca-pub-3076479851646180%26adurl%3D
Frame ID: D9ABD2A27B28C34518EC8C094A354AB8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BC9F2DC7A11B3C6B8789CBAF050AF4FC
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A0FF64E34C2008D934CD6D8908ED311B
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 866F36FFA710EC9875C9646646045FFB
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a4mTR8prMZd0GnPYGnT1cnupTfU2bnPTrJZcWP34Rqr0ScYOPdbN1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O0HQZdmHTm3mrP4sjeUVJ8UcJiPP3oUHUTUUbY2U2pUqnvVE3iQEBHQGFLRravSdr7UcvP2FmtntAmYaTy3tbFSGjZa46JZamdiyTt77XbYcXrYf0TqoSFFAWFM4VdQ4mFfxRUrN1EFtXqJ5uZa4qvV&mediaDataID=2713736&mediaName=frame.html
Frame ID: 61AD6F46E4A01E80249E028E79FFB16B
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a5mTR8VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmbjnRbbr1EQN4Ebl4q74naFFYFF7WHf0oPnLnG7pmW7D3T373d6n46nEpbQZb0sfXXVFYXGZbOpT742bYRWUJHVm75REvQQsYNQdUtYdjnT6vp3VUX0bQZaVmys5AvdQmBF3HZbrXWYAnt2v36rY4V36Vsv8VGMeR6FMTHJPWbB33rEnWEUvTTJlSTBZcTsZbvOrFO9Zc&mediaDataID=6719746&mediaName=frame.html
Frame ID: A8FD8AF40828FDB9508A42EC245BEF3A
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a6mTR83sr7VcQcUsfkPAJxWdnPWbb32bauWaQpTaYaSTUHRG7JPburStY7WcrW2FqvotirXqew4tjFQVbZa46YIpHPNVHb80rfiXbYiXaApPbQZbTb3YWdMUnFQmRUfNYTQO5EUc2qr1oT7IXUBaWt7WoAvZbmVUrpWUG2TZbh5teN5PvZbprQEYcQUXGMT1cvxnavQ2rJQTUZbDWPv3Pq3QScZbMStUN2WbDMk1xIq&mediaDataID=6546596&mediaName=frame.html
Frame ID: 4336F72436AC44D5E0C6C5D7EB81BFBF
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a7mTR80GnQ1c341c7NpEjW5UZbUWrBGVAYTPTY1SV3sStBt0dJpVmbO3GvXXb3KVmuu2AU8P6MD4HFr0HQAntZaM4AJ13cY8TVJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQARbimPHMiVsnR2ryqodapYa2y3tYAPVrG2mQHotXtVWbh0rn71bUg1EqtRUJCTrZb4Tdr0mbJoPbZbN1EFy3TUlYEMfmvl7is&mediaDataID=9148826&mediaName=frame.html
Frame ID: 874FC723A781CB8F888EB98FF15D6DBE
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a8mTR80bnb1UBgXqanRrMEWUZbYWWr3nFfxPFJq1qUt3TBc5qQYmEMEXFjaUtjPoAMDpVvmoHfA5TFh3d6N5PfJmUjG0V3RYsFT1svNpTZbP5U32Wr7FVm33Qqb0ScQMQdBs1dvwTmnw4s3UYrYZcVAmr2P3aQmJF3Hnm1HBKpdEo5mBR3sYgVVUbUsFlSmFuUWFRTUn35r6rWarmVanlSTBFQVQJWUaCnxpZd2p&mediaDataID=8039566&mediaName=frame.html
Frame ID: 14A1BF4CC6439FD936DADE849A2E4B5F
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a9mTR8VcQcUcbfSmZbvUdQTWrJ55ramVEUvVErbSaQZcQVFAQbIoRW76Vc3R4rmood6M0amv2dbGSVMG46YHotIpUtYf0r3cYrY71TqoPbMDWUYSVtB1mUfoQbrr1EYy5EBd4q7PoEfB1rJfTdfUomrZcpGnspW3G2Tnk2dmq3A7GnbbZd0G30XGUY1G7vmqvT3bFSWbMDUP3YPTMXQVrMStUrYtvpQAvIN2LG6Za&mediaDataID=6347136&mediaName=frame.html
Frame ID: 47EC503C10D69296A980458A6EA235F0
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aamTR81c33XG7wpE7W3UUUTFFDVAU4QE3QQsntSHFNYtjwWmUu2cBYYbrZcTAyo2PYgRmbA2WZbsXHJKntZao5mQV4VbeVsMbWcM6S6FMWdnSWrbP2UAoWTQrWaJaST3FSGFBPbuxPWrbUVv55bqsoWem0quO3tQAPVJD56JZbmdAyTHQ60b3kXr7h0TyrSFJHUbB2WWF0objsPFjtYqMy3TUa2a7Ytq7pNYA3KA&mediaDataID=6530936&mediaName=frame.html
Frame ID: 10B62EBC46856F780EE7C61435292C95
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=abmTR81UBeXaiqPrYAWFZb0Ttv1obbrPFZbNYTvs3aFl2arPnEZbDYbUbTtFUmmvIpGrumWnD3EZbe5duq5PfGnbrLYc7X1sn41svpmavQ5UnRTFfZcVmr2RqU3PVZbsStJr1djxVmbn4cU20UQDUPut26QdR6jG3Hvm1HMZdmt2u36YY5cj7VcMjVcJlSAvmTHFWUFM52FPrUaQqVEQcQavFQVQCRruoUdMWyiIXNj&mediaDataID=7665496&mediaName=frame.html
Frame ID: A121F50F19BDEA26A1BE3A1E3616960B
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=acmTR8UcbfPP3wUdMPTbnY5barWaMmWEnlQEMZdQcBJRrixSWQdWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTHBaYF7i1Fjh1qqOSUJCWUr3TtQWmr7oQrjqXqFt3TJa4qrQmEMK1bB6WH7Xn6MZapsMrmHvF2Tvk2dZan4PvZaprMEXVfQ1cnV1VFvmqFW2rFVVrnBV6jYRTY2QsUqQHjrYtvuT6bu1V3kOuOycQ&mediaDataID=5436426&mediaName=frame.html
Frame ID: 71346EE16DD457F8768FBF8ABBBA1C72
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: C79D97DB80220C2137C358F39793696D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 59114FACFE4A27775A2E316A2469054D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=90&slotname=9500074323&adk=2706232591&adf=711894563&pi=t.ma~as.9500074323&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425137977&bpp=2&bdt=1184&idt=54&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=432242036&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1329&biw=1600&bih=1200&isw=728&ish=90&ifk=2434894727&scr_x=0&scr_y=0&eid=31060930%2C31060840%2C44740386%2C44743002&oid=3&pvsid=1815453050058392&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umrugwbk180e&btvi=1&fsb=1&dtd=65
Frame ID: 03D700925BBD95819C7871094E220D97
Requests: 7 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbO1WZbpW63w4srWYbFIT6Tw4An8RPjB4WYM1HnLnt2N4PvT5GM9Vc3lUsbeRPFxWtZbWUbjP3rZatVqnoVaQcPTBHRcQZbRrZatPHviVcvS4FTqnWqq0qqp2tnZaQVrZc263ZcmdEyUtFc0Ur71UJl1qAoSrrCTFBYTtQWmbQmRUBNXaJt4Tff5E7XmaMHXUYaWWBUmPnInsYwmHfJ5EZbg0WiFOhXhP2&mediaDataID=6807466&mediaName=frame.html
Frame ID: 0B0DB75AF0B591F5973AA8B84C71C4C0
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aKmTR81E3t3TZbl4avQoaJB1rf7UdZb0nAQBnV3mmtvC5EY92dAr5PvKmF3JXsvS1cQTXV7xnTvW5FZbVVU7ZcWPn1QEv0QVUqSHUt0HvtT6QM4sYUXUYZbV6qt56Zb9R67K2HYy0HBCptIx363Y4VvdVVU8UcjkSAnMTtvRTbM05bEuWajoTTMlPa3LRsBAQUupRt79VsfR2U2smtisXEPp4dbZdSGrHYPUyyNjQHf&mediaDataID=4056396&mediaName=frame.html
Frame ID: 9CEBF1E9448BE63B1D2D7E786AC329BC
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Frame ID: 0F8810E2A6CABF7D997A3055407D8C0E
Requests: 17 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailythanthi.com
Frame ID: 37C0993327FE773A9ABC60C5B5907B3D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Frame ID: EE76223EC1D9CA4666EE141E8026573C
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 22F66ECD417E3FE7741B10793544EA7D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Frame ID: A0C2F390058C1F64E25882C98BEB85D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5702C80144AD0966031CBBD750C3BF1C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E67656AD7EB0C2D60A449C3EB87C0D9E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 33D1626B23479F9EE456F5E3D6F27613
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F67E92CABED52158CA9B135AF790C95B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1622425136224
Frame ID: 803E67E8A1102D2AB0B63002CF587230
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4159C33514239108940EF70EB689DF45
Requests: 20 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: FFF1B5772CAFF170D69E13155548A00F
Requests: 7 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: A53DA4BBFF755E953A99C665CEEE505C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 3739ABE23DA5856BC99A6DB82D91BBAD
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 940C6B17A7B9E51ECAAFC01A82F60BFC
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 604210647BEAEB3FB93F6BC195A6EB3B
Requests: 15 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 461B17914F7B750AC47254E7DBF95722
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: CCA985B1F4CBC2B2451071DB3C307944
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: FD8205E73BE4BE626F71EC3F25BC4764
Requests: 6 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=33A20561-9671-4312-AAFA-7800C6761A6F
Frame ID: 2917DE0C7A5F9BF7F7409A48973D4670
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1061992924367217288
Frame ID: 6EA9CFFB0E14840CB9EBF64A7A9C39A0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 991431D2EF58AE49FDEEEE51F7EA63DD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968262912217381009
Frame ID: CEAF22928FFE74148A3A41EA493831C1
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: BB3577086A8E66775082B448DFCEC4E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: F57D80FA37D10D3957D4EEECBF9211EF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=1b2260b4-3e33-4500-a777-7804d967d36d&gdpr=0&gdpr_consent=
Frame ID: 493EED536D58B7C3AC6739F8F888F2CA
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YLQ_NAABOA5WDwBg
Frame ID: 954B37520C25311744C53133C8434493
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jNjU2Zjc1Zi1lYzQ5LTQ0ZmUtOGM4My0wZTFlNDM0NDFkYTQ=&gdpr=0&gdpr_consent=
Frame ID: 77597D26BB757086A2AA3198E0FABE16
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: EF575A41666076145F202F9752B4C7C7
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: F5C2C7E5A9270C53F01B13479D8ED5E2
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=57284d1d-5fd4-4623-9a7b-431c93c67e98&t=1625017139
Frame ID: E9243564C1CFA35FFA033666A86892B4
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 209DFEC73D92BE7DE46F1055E361BBDF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YLQ.N8Co5ssAACBVqPMAAAAA
Frame ID: 51A77759A4761AB441F4D86C76C698EE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871316020468957530
Frame ID: 609D9E71A995F7E0DAFD946E3FC15AA1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=Obeu5kLKgKxX7AGr6lAD&pi=gumgum&tc=1
Frame ID: 7FE4C57130FC6AF54FFEC97D5BB1B4D7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 97D08739E0E14B539F43DFBDC840F6FA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Frame ID: C6AC0CED1CC31FB473220B20A9806FB4
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

433
Requests

100 %
HTTPS

35 %
IPv6

99
Domains

142
Subdomains

97
IPs

11
Countries

4814 kB
Transfer

11996 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js
Request Chain 13
  • https://www.google.com/coop/cse/t13n?form=cse-search-box&t13n_langs=ta HTTP 301
  • https://cse.google.com/coop/cse/t13n?form=cse-search-box&t13n_langs=ta
Request Chain 14
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 46
  • https://sb.scorecardresearch.com/b?c1=2&c2=25540515&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A%2F%2Fwww.dailythanthi.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=25540515&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A%2F%2Fwww.dailythanthi.com%2F&c9=
Request Chain 47
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A%2F%2Fwww.dailythanthi.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A%2F%2Fwww.dailythanthi.com%2F&c9=
Request Chain 84
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1514477076&utmhn=www.dailythanthi.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&utmhid=121747644&utmr=-&utmp=%2F&utmht=1622425135983&utmac=UA-35963920-1&utmcc=__utma%3D242132759.911410119.1622425136.1622425136.1622425136.1%3B%2B__utmz%3D242132759.1622425136.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=781876256&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35963920-1&cid=911410119.1622425136&jid=781876256&_v=5.7.2&z=1514477076 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35963920-1&cid=911410119.1622425136&jid=781876256&_v=5.7.2&z=1514477076 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35963920-1&cid=911410119.1622425136&jid=781876256&_v=5.7.2&z=1514477076&slf_rd=1&random=2333654916
Request Chain 170
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 171
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 182
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 197
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUK4Qh30cZQE7tmgdkIiTCqqpRZ_v1-KRMHCh0ErvLpjtrC7htFN2MTOcBz_8qsYsxwPMguo8_e_b7_cjAlk5raERMVo4kkU&google_gid=CAESENocL4PUG2r-gQyIS2DbJEQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUxRQE1RQUFBVjY0MXllWQ&google_push=AQvitUK4Qh30cZQE7tmgdkIiTCqqpRZ_v1-KRMHCh0ErvLpjtrC7htFN2MTOcBz_8qsYsxwPMguo8_e_b7_cjAlk5raERMVo4kkU
Request Chain 198
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKXCIoQxmpymuYIQyOCpAAo&google_cver=1&google_push=AQvitUKibO_oH7aUw19zRffWMx4UXtqzpYichBUWdryPU7mU5uXpvgFdvqmJjjzd1sOvB38-sye5tgjDGzh8q9664T_eMRax9Ts8BA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKibO_oH7aUw19zRffWMx4UXtqzpYichBUWdryPU7mU5uXpvgFdvqmJjjzd1sOvB38-sye5tgjDGzh8q9664T_eMRax9Ts8BA&google_hm=Q0FFU0VLWENJb1F4bXB5bXVZSVF5T0NwQUFv
Request Chain 199
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJRXl6JuZCahTyWKcaN_vDpJjatT7Wqwo1jelPVdTBdcMVe8XgSFdxRu_FsrR8Sw7GDJTpQG1KhEdWAseFl-u82wOSIo55bDA&google_gid=CAESEIOSnnv3BtaDFInoBx9gYOo&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLH80IUGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVKUlhsNkp1WkNhaFR5V0tjYU5fdkRwSmphdFQ3V3F3bzFqZWxQVmRUQmRjTVZlOFhnU0ZkeFJ1X0ZzclI4U3c3R0RKVHBRRzFLaEVkV0FzZUZsLXU4MndPU0lvNTViREE HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZEVHM3RkWDA5X3RfU2plVXZvaTBFNGlFZXQ4V2x1WEgyR0hKM0p5UUpHZw==&google_push
Request Chain 200
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKW9rF9aBkYoEIvF6yzAmsQ&google_cver=1&google_push=AQvitUKlI_iK3cZ1t872lpCPwpMSon2jLHANZmCZjz1nQ58THtLylJ-0BkGyEyeM8iqXCQXD1huxdf9EigNVmavyvonFXrYmRCzrfg HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKW9rF9aBkYoEIvF6yzAmsQ&google_cver=1&google_push=AQvitUKlI_iK3cZ1t872lpCPwpMSon2jLHANZmCZjz1nQ58THtLylJ-0BkGyEyeM8iqXCQXD1huxdf9EigNVmavyvonFXrYmRCzrfg&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKlI_iK3cZ1t872lpCPwpMSon2jLHANZmCZjz1nQ58THtLylJ-0BkGyEyeM8iqXCQXD1huxdf9EigNVmavyvonFXrYmRCzrfg&google_hm=Sp8Sb5s8y0cTrGhAKyuzrA==
Request Chain 201
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw
Request Chain 242
  • https://tags.bluekai.com/site/4229?id=18072662184062536680&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
  • https://a.tribalfusion.com/i.match?p=b3&u=OKiyJQ9999YlngHQ
Request Chain 244
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662184062536680&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662184062536680&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=f7e16a86-c1b0-11eb-8848-14e583300306 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b19&u=f7e16a12-c1b0-11eb-8848-14e583300306
Request Chain 246
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662184062536680%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662184062536680%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662184062536680&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b11&u=33A20561-9671-4312-AAFA-7800C6761A6F
Request Chain 248
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662184062536680&_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662184062536680&_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662184062536680&_origin=1&redir=true&apid=UPf7dea33b-c1b0-11eb-b90d-062e6c792732 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662184062536680&_origin=1&redir=true&apid=UPf7dea33b-c1b0-11eb-b90d-062e6c792732&verify=true HTTP 302
  • https://a.tribalfusion.com/i.match?p=b17&u=UPf7dea33b-c1b0-11eb-b90d-062e6c792732
Request Chain 250
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662184062536680 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b23&u=266340603803000123763
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662184062536680 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEOfN2ZLGQHpODT7pNcRFrwE&google_cver=1&google_ula=2786954,0
Request Chain 264
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662184062536680&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662184062536680
Request Chain 287
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=9cf2e9ee-a7c5-4bf7-8283-9a100aec712a HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662184062536680
Request Chain 290
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662184062536680&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b20&u=YLQ.MUq1VL7z6KwZcUWCnQAA
Request Chain 295
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662184062536680&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662184062536680&expires=180
Request Chain 313
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGk8iJ3Crwd9F2jLd_bkCfQ&google_cver=1&google_push=AQvitUI-4ndd4Mavu2PQRUzU_q_iZ_pYAoW6eLWXNTfnA5t-CaThUgBfeHRp4XG7dtlhEM0KWJ0NtBmRDebQuwnsVyVEfwmFwxey HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUI-4ndd4Mavu2PQRUzU_q_iZ_pYAoW6eLWXNTfnA5t-CaThUgBfeHRp4XG7dtlhEM0KWJ0NtBmRDebQuwnsVyVEfwmFwxey&google_hm=h8iiz9osJXR-RAHelWJR1g
Request Chain 315
  • https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEKW9rF9aBkYoEIvF6yzAmsQ&google_cver=1&google_push=AQvitUJlo9V4vj6-Pou3ZgQXWziRMGEQ_mba5vwD-i9sKHHhpkVZXfwhIihS6IdfDpBLIbEgEy5XdhlBTJJ8Z5D3JL2S_yPrjcv4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJ0xR4XQHfNzGWYkPk1wqQ&google_cver=1
Request Chain 316
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIHXIBB4e0GwflEmcN9pDcc&google_cver=1&google_push=AQvitUL7BeJcAJDjJ8V76jqN4F3BIu9ggqxCOD5gEHF8LJ6WZ8pqwdnbqmDPSuHJEanLzGcfpG2Xsdli9pkBPVN4kXYdS6FfMFM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M6IFYZZxQxKq-ngAxnYabw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUL7BeJcAJDjJ8V76jqN4F3BIu9ggqxCOD5gEHF8LJ6WZ8pqwdnbqmDPSuHJEanLzGcfpG2Xsdli9pkBPVN4kXYdS6FfMFM
Request Chain 317
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGTayy8P0NaS3DOGCOSfwWE&google_cver=1&google_push=AQvitUI1efMbrNpdHo4Bc9SRBN2dpZh7P5kaYyJsxUwXgPoPvG8XjMQR-0AazmrPpFLd2jdQR4H4SZ8Iqmym4v1jfINh6wNZEQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCWTFEN1QtMUUtNzBLUg==&google_push=AQvitUI1efMbrNpdHo4Bc9SRBN2dpZh7P5kaYyJsxUwXgPoPvG8XjMQR-0AazmrPpFLd2jdQR4H4SZ8Iqmym4v1jfINh6wNZEQ
Request Chain 318
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHBFUy934at8yhcAEV85xPE&google_cver=1&google_push=AQvitUJk9d885DFCQLrTGfu7DyYcYJf9NdbJA5l2vnMTpwmE7Gj8jfcL-h87m34W7qf49RvIuD1jGd1AT-xAx4FbCeDgCZTmdSyw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJk9d885DFCQLrTGfu7DyYcYJf9NdbJA5l2vnMTpwmE7Gj8jfcL-h87m34W7qf49RvIuD1jGd1AT-xAx4FbCeDgCZTmdSyw&google_hm=CnW1Vqe3SmqdDQHt4yZwqA
Request Chain 319
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAM9_DxIl4YOIyMd0tTaQo4&google_cver=1&google_push=AQvitUJ6i7V8PIAIqqKeZgOr8TYzHB_1xbGTKJ8X0Lv7LaLwzuTwHVw0thvZ5E6LCvrSjPlSLGSFV88dN9G_iuybhnnZdqhBcQaRsg HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ6i7V8PIAIqqKeZgOr8TYzHB_1xbGTKJ8X0Lv7LaLwzuTwHVw0thvZ5E6LCvrSjPlSLGSFV88dN9G_iuybhnnZdqhBcQaRsg&google_hm=
Request Chain 332
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662184062536680&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662184062536680
Request Chain 349
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 356
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1533053419439808255
Request Chain 357
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=74da3df3821cf0f549a07d60
Request Chain 358
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808803478 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808803478 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/57284d1d-5fd4-4623-9a7b-431c93c67e98 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003
Request Chain 360
  • https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%7B%24UID%7D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=61c065ec1696f79439e719708577bce141ab5263
Request Chain 361
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1871316020468957530
Request Chain 363
  • https://c1.adform.net/serving/cookie/match?party=14&cid=33A20561-9671-4312-AAFA-7800C6761A6F HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=33A20561-9671-4312-AAFA-7800C6761A6F
Request Chain 364
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1061992924367217288
Request Chain 365
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 366
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968262912217381009
Request Chain 367
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBWDNVN0JhSHdBQUREWkZBdk1KUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 368
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M6IFYZZxQxKq-ngAxnYabw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 370
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38d860b4-3e33-4900-b378-f6f7ceb45b3d
Request Chain 371
  • https://pixel.onaudience.com/?partner=214&mapped=33A20561-9671-4312-AAFA-7800C6761A6F HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4201efda2e0da1cf9d46f441f246b5fd HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1e4346461f18c117f45cb2c070d79ad2
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzNBMjA1NjEtOTY3MS00MzEyLUFBRkEtNzgwMEM2NzYxQTZG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 373
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtajlyFqj3YPL2tUZkP3b0&google_cver=1
Request Chain 375
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2781842312086406575
Request Chain 376
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b2260b4-3e33-4500-a777-7804d967d36d&gdpr=0&gdpr_consent=
Request Chain 377
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=57284d1d-5fd4-4623-9a7b-431c93c67e98
Request Chain 378
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1533053419439808255&gdpr=0&gdpr_consent=
Request Chain 380
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=33A20561-9671-4312-AAFA-7800C6761A6F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zHGuYhhE2uWFrrkF6KHgXGLdm.5Ez88-~A&gdpr=0&gdpr_consent=
Request Chain 381
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hI773YHbqtif3PyP0Yq03Irc_9GfifzZ1Iwh1W2N
Request Chain 382
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=51090e69-3b5a-40f9-9ad9-071ba4a282c6&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=582531990350&expires=30&user_group=1&ssp=Pubmatic
Request Chain 383
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YLQ_NAABOE1WBQBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLQ_NAABOE1WBQBg&gdpr=0&gdpr_consent=&_test=YLQ_NAABOE1WBQBg
Request Chain 384
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6919586988451199564&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 385
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a07e6ba0-d3dd-4d2b-8796-86ba97c504e9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 388
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=7966870458595169191
Request Chain 389
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D86%26buid%3D$UID HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=1533053419439808255
Request Chain 390
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D66%26buid%3D%7Bamob_user_id%7D HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=66&buid=064b2204026380da7af04120
Request Chain 391
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D100%26buid%3D HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=100&buid=80400fab-a378-4d05-b24a-9acbde2152d0
Request Chain 392
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=1533053419439808255
Request Chain 393
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_c656f75f-ec49-44fe-8c83-0e1e43441da4&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_c656f75f-ec49-44fe-8c83-0e1e43441da4&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=51090e69-3b5a-40f9-9ad9-071ba4a282c6 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=51090e69-3b5a-40f9-9ad9-071ba4a282c6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=40bf545f-4b4e-4c0f-8976-d526ad1bc9bd&ssp=gumgum2&expires=30&user_group=5&bsw_param=51090e69-3b5a-40f9-9ad9-071ba4a282c6 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=40bf545f-4b4e-4c0f-8976-d526ad1bc9bd&ssp=gumgum2&expires=30&user_group=5&bsw_param=51090e69-3b5a-40f9-9ad9-071ba4a282c6 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=df71ae57-d223-43ba-8a89-ee264ea8446d
Request Chain 394
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28ax_ww7BGtypSE1yGih4ke8bLWVhsiboQW03apt-1i-AvLbiZNZmirPEGhoh8zRhE%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ax_ww7BGtypSE1yGih4ke8bLWVhsiboQW03apt-1i-AvLbiZNZmirPEGhoh8zRhE%29
Request Chain 395
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=62f43c23-1aaf-4a3f-92a3-341a30628850
Request Chain 396
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-b6a9b8cc-4da1-47a0-6b60-2696a5b4cee4$ip$89.249.64.171
Request Chain 397
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-C_fsId9E2pfs5PhB3bJwtWu1E8tWa11rA4_S~A
Request Chain 398
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=fadc799b-c1b0-11eb-aa26-957139fe0652
Request Chain 401
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_c656f75f-ec49-44fe-8c83-0e1e43441da4&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=plAJmFGj4q0LNHR9zaiU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24DMIFFG2RSHNI2HCMCMJZEFEOL2MFUVKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24DMIFFG2RSHNI2HCMCMJZEFEOL2MFUVKJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=plAJmFGj4q0LNHR9zaiU&us_privacy=1---
Request Chain 402
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=bc35c2a7-1b4a-44c5-af68-68447f7df6da
Request Chain 403
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3363627944 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/57284d1d-5fd4-4623-9a7b-431c93c67e98 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003
Request Chain 404
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=276cnmxHlV5b&ev=1&pid=558355
Request Chain 406
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=1b2260b4-3e33-4500-a777-7804d967d36d&gdpr=0&gdpr_consent=
Request Chain 407
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YLQ_NAABOA5WDwBg
Request Chain 411
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=57284d1d-5fd4-4623-9a7b-431c93c67e98&t=1625017139
Request Chain 413
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YLQ.N8Co5ssAACBVqPMAAAAA
Request Chain 414
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316020468957530
Request Chain 415
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=Obeu5kLKgKxX7AGr6lAD&pi=gumgum&tc=1
Request Chain 435
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

433 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.dailythanthi.com/ 		81 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83bad5922766a731b11cc37af0a6209ffb569f515f54a3dccf75dc8dc7ffba17

Request headers

Host
www.dailythanthi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
public, max-age=209
Content-Type
text/html; charset=utf-8
Expires
Mon, 31 May 2021 01:39:26 GMT
Last-Modified
Mon, 31 May 2021 01:32:26 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
Content-Encoding
gzip
Content-Length
14622
Date
Mon, 31 May 2021 01:38:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
X-Akamai-EURegion
Yes
styles
www.dailythanthi.com/static/ 		198 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
618d4c057d27a55da0cd6b8f680408cf117333207027af6b79cd395ff16e4315

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 May 2021 01:26:20 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Connection
keep-alive
X-Akamai-EURegion
Yes
Content-Length
36419
Expires
Tue, 31 May 2022 01:26:20 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a12af3b3e8782c3af3ee41dd885a9ecd9e012712a12539d65dc61d77fa92419f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"888 / 449 of 1000 / last-modified: 1622153417"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21483
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:55 GMT
f862fb685f90044345b5e6086f9f1b23437fa704.js
cdn.izooto.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/f862fb685f90044345b5e6086f9f1b23437fa704.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20e4410e4a45e0deeac3716dbb7c6fc6ac15b890deeb343031a00fa69791e63a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Nov 2019 10:31:51 GMT
server
cloudflare
age
463934
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=691200
expires
Tue, 08 Jun 2021 01:38:55 GMT
cf-ray
657c7c47a8134e31-FRA
cf-request-id
0a61ac00c500004e31f8ae2000000001
cf-bgj
minify
Daily-Thanthi-01.png
www.dailythanthi.com/Content/images/ 		761 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailythanthi.com/Content/images/Daily-Thanthi-01.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
262ff44b33fbc5dfd8f3c4a1c3ca2eb58890908dd729cfa7031833ce135d8dc4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Wed, 25 Jan 2017 10:36:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"4cb893e0f676d21:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
761
E-paper.png
www.dailythanthi.com/Content/images/ 		388 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailythanthi.com/Content/images/E-paper.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
167a23632603bd0e0b2175e523a0b9ffbc5073baa3074d40806102b56f155422

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Wed, 25 Jan 2017 10:36:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"fe73a1e0f676d21:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
388
DTNEXT.png
www.dailythanthi.com/Content/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailythanthi.com/Content/images/DTNEXT.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f1d3290f08e41c706ef1d1e68a21b639de864f7919d4d241ae7413e8b27341bc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Thu, 02 May 2019 09:15:03 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"1079086c70d51:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
1694
Thanthi-TV.png
www.dailythanthi.com/Content/images/ 		439 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailythanthi.com/Content/images/Thanthi-TV.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4fcf14d1c6064c93842d04dac0992db3a6629efbfe5bd0d5d5d78e8bcee4dd0e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Wed, 25 Jan 2017 10:36:25 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"2ff7ade0f676d21:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
439
DT-White.png
www.dailythanthi.com/Content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailythanthi.com/Content/images/DT-White.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a0fee3e8342107a5e05a0e4be8a1b24ca3c330d3c378dd5c0dad0c3f84cdf31

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Mon, 20 Nov 2017 07:23:37 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"4827e7bd061d31:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
6057
google-news-dt.png
www.dailythanthi.com/Content/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailythanthi.com/Content/images/google-news-dt.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5f79098407a254c69cf91e18b9b48e4f90aa42d7b31f27980ec12efe02b2549d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Fri, 11 Dec 2020 12:29:25 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"8040c342b9cfd61:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
12400
logo1.png
www.dailythanthi.com/Content/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailythanthi.com/Content/images/logo1.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
70fb5b750bcc624f3cb53fd4d2ac4eaf5581f13ec774a5dffe58b6f711ab9a36

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Wed, 25 Jan 2017 10:36:25 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"fad4b4e0f676d21:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
4394
FollowUS.png
www.dailythanthi.com/Content/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailythanthi.com/Content/images/FollowUS.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3911394a7505716f85e47dfade77c4a774cf59256aa8b61e974addbde23774eb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Wed, 25 Jan 2017 10:36:25 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"3bc4bce0f676d21:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
9197
jquery.js
www.dailythanthi.com/Scripts/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailythanthi.com/Scripts/jquery.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
987f9e588458e94c96a5c11685861685a7e0b88bf3887c46f3b26383e02ffc86

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Content-Encoding
br
Last-Modified
Sat, 24 Apr 2021 14:29:38 GMT
Server
Akamai Resource Optimizer
X-Powered-By
ASP.NET
ETag
"099a9ba99dd21:0"
Content-Type
application/javascript
Cache-Control
public, max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
29864
loader.js
www.gstatic.com/charts/
Redirect Chain
  • https://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
65 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efdde317b774ed03a69918bb931553608881c84987ce79e68c7f9d32d6138a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:13:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 17:45:29 GMT
server
sffe
age
1527
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66641
x-xss-protection
0
expires
Mon, 31 May 2021 02:13:28 GMT

Redirect headers

date
Mon, 31 May 2021 01:29:50 GMT
x-content-type-options
nosniff
server
sffe
age
545
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/charts/loader.js
cache-control
public, max-age=1800
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Mon, 31 May 2021 01:59:50 GMT
t13n
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/t13n?form=cse-search-box&t13n_langs=ta
  • https://cse.google.com/coop/cse/t13n?form=cse-search-box&t13n_langs=ta
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/coop/cse/t13n?form=cse-search-box&t13n_langs=ta
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
pfe /
Resource Hash
62efbff3aefac0461bce65c59038dc2c35b96b9639f490fd90a1b135b045af39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
1426
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
833
x-xss-protection
0
expires
Mon, 31 May 2021 01:45:09 GMT

Redirect headers

date
Mon, 31 May 2021 01:27:00 GMT
x-content-type-options
nosniff
server
sffe
age
715
content-type
text/html; charset=UTF-8
location
https://cse.google.com/coop/cse/t13n?form=cse-search-box&t13n_langs=ta
cache-control
public, max-age=1800
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
271
x-xss-protection
0
expires
Mon, 31 May 2021 01:57:00 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 18:37:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
age
25267
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13880
x-xss-protection
0
expires
Mon, 31 May 2021 18:37:48 GMT

Redirect headers

date
Mon, 31 May 2021 01:29:19 GMT
x-content-type-options
nosniff
server
sffe
age
576
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Mon, 31 May 2021 01:59:19 GMT
DT-Logo-Old.png
www.dailythanthi.com/Content/images/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailythanthi.com/Content/images/DT-Logo-Old.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
984ced057d59f564ff6b738c686bc337edc7ae57fb4fe61e3f7de1463bb0d921

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Mon, 06 Nov 2017 13:18:51 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"38c8dc9157d31:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
31608
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48356
x-xss-protection
0
server
cafe
etag
3890051329819667200
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 01:38:55 GMT
202105310656207624_Petrol-price-hiked-by-25-paise-in-Chennai-today_SECVPF.gif
img.dailythanthi.com/Articles/2021/May/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dailythanthi.com/Articles/2021/May/202105310656207624_Petrol-price-hiked-by-25-paise-in-Chennai-today_SECVPF.gif
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b8::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5408c3a998bd5a6e7cada091ad4dce4d1821dc42d39479717f38e2061aa54e0c

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Mon, 31 May 2021 01:26:22 GMT
Server
AmazonS3
x-amz-request-id
VTZJ7J6B1X82WKZE
ETag
"89a31cd3c743740a76e09b37c05205a4"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24870
x-amz-id-2
lpzOc6JUBXuL/xgpMHxVBz39TU18n1TnIWzt5FDQJ3kKHptDgwtFnq33kayu1wgCW9/QkVZaB+Q=
202105310656230281_Worldwide-the-number-of-corona-victims-has-risen-to-1710_TMBVPF.gif
img.dailythanthi.com/Articles/2021/May/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dailythanthi.com/Articles/2021/May/202105310656230281_Worldwide-the-number-of-corona-victims-has-risen-to-1710_TMBVPF.gif
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b8::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3b4d2b0ace9d7302cec8a8ad629450eef7adb9cf69cb9bf7ce0c5759911c7b3

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Mon, 31 May 2021 01:26:24 GMT
Server
AmazonS3
x-amz-request-id
6Y5NZ8S91TJJ8ZXR
ETag
"3e3911a694bf0f98a7443746d5eb5d01"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3403
x-amz-id-2
kwjBDfwVacgZ1Ebas51TdlEpJT4G9MiyoxpR9PZlCyUvNd+0I8BYksQslWXKn/nIdilfhhBVqFE=
202105310638097071_In-US-294-crore-vaccine-doses-have-been-given-to-the-public_TMBVPF.gif
img.dailythanthi.com/Articles/2021/May/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dailythanthi.com/Articles/2021/May/202105310638097071_In-US-294-crore-vaccine-doses-have-been-given-to-the-public_TMBVPF.gif
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b8::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7132b05538435de304aba8ccdd5da38d092dc18efb9521a91baa9c63b57e30f

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Mon, 31 May 2021 01:08:11 GMT
Server
AmazonS3
x-amz-request-id
6Y5JD0CR2AYWYHCJ
ETag
"43e22e348fa601ac6435d4ca6b8481fe"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4061
x-amz-id-2
zTQ54Qocpki2J6rkjpYRB4XQob0oZ6yERWdaXFqG0L4ZTq59Op5wGaWVNn0Eh7LtRldCd1Moyec=
202105310513431566_Corona-infects-43520-new-people-in-Brazil-950-more-killed_TMBVPF.gif
img.dailythanthi.com/Articles/2021/May/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dailythanthi.com/Articles/2021/May/202105310513431566_Corona-infects-43520-new-people-in-Brazil-950-more-killed_TMBVPF.gif
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b8::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e19b5711b6ea27004804aedc80c0285e7032e53d50bcb38f2f2bb6a8799f6f1

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Sun, 30 May 2021 23:43:44 GMT
Server
AmazonS3
x-amz-request-id
WKP9DNWXH3HR2DGK
ETag
"9368aba25ecb609d0366668779e1dd4d"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2839
x-amz-id-2
OJACG1jfDIhQp7uN58/BGD6IOLkevUouTkviEnaeHlzF2+ljFzfxPVZeOvljZ18SgH/osB9xx8A=
202105310411405664_Oscar-Awards-2022-Ceremony-will-take-place-on-March-27th_TMBVPF.gif
img.dailythanthi.com/Articles/2021/May/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dailythanthi.com/Articles/2021/May/202105310411405664_Oscar-Awards-2022-Ceremony-will-take-place-on-March-27th_TMBVPF.gif
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b8::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64c4c7678d137cd044edc23f64115c2fa200bf63b92a820188103368dfb2fe51

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Sun, 30 May 2021 22:41:42 GMT
Server
AmazonS3
x-amz-request-id
ADMNW87S67HKG53E
ETag
"c01ff4979224f820000918e7f724e396"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3820
x-amz-id-2
Ydkj/KU8nQSIgprLTuLV8YctAp9nQd5faQmlCgLi300OrPOE9WJa6nO7/F2SrnjL5CoAW1pZPzw=
202105310334394119_Liquid-medical-oxygen-production-increased-10-fold--PM-Modi_TMBVPF.gif
img.dailythanthi.com/Articles/2021/May/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dailythanthi.com/Articles/2021/May/202105310334394119_Liquid-medical-oxygen-production-increased-10-fold--PM-Modi_TMBVPF.gif
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b8::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
712d9c100db30d19ed8af6225014ba16da41942c6d38266b2c0ec787ad5c51f3

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Sun, 30 May 2021 22:04:41 GMT
Server
AmazonS3
x-amz-request-id
46TKC78G8Q62VT50
ETag
"bd5b2f48ec35c8f73cdc61c78f05b640"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3043
x-amz-id-2
h9pQ8wzJ0HRLzOXKD3gLGTfsH8f1q3fI18LwPo1hufYvkQ3Blzrmx3wH4g8FlCy5Cwb45LLVw2w=
202105310303050964_Eregistration-is-mandatory-to-go-to-railairports_TMBVPF.gif
img.dailythanthi.com/Articles/2021/May/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.dailythanthi.com/Articles/2021/May/202105310303050964_Eregistration-is-mandatory-to-go-to-railairports_TMBVPF.gif
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b8::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7842e513fad787187505db4d6d1a2afaf947c7d76b30032013acb8fad99b9a0b

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Sun, 30 May 2021 21:33:06 GMT
Server
AmazonS3
x-amz-request-id
ZDE5E92WGTXWHRJ9
ETag
"d11c1d8c1cb06b8cc3873d315774807a"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3196
x-amz-id-2
YOuJwLDC4xg73q0+KME/hLN0cPuY2X68IdQvSjoPmbPs50M2FUXI5mIsSHJhUETjwdf/QKkURa4=
DT-Unify.min.js
ads.rwadx.com/Unify/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rwadx.com/Unify/DT-Unify.min.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.156.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-156-91.muc51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08a1a1212c385bd6505b1b3a4af0a643fdb3ba11d6d514651989a3489624a459

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 06:25:22 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 20:09:51 GMT
server
AmazonS3
age
414814
etag
W/"ae2939d549ab069213d9e280bf90dce2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
AGiq7flFTRX9d7tm2Q2lM6PVvsFXnD5A
via
1.1 e30a30fbecb84c672048f3a7284aefa1.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC51-C1
content-type
application/javascript
x-amz-cf-id
ua7BJv6OIPEzagd0IDOC2nDwvcYLG_Y6slgy7BP_4dTKU9fdbbO12g==
home-lazyload.js
www.dailythanthi.com/Scripts/LazyLoad/ 		2 KB
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailythanthi.com/Scripts/LazyLoad/home-lazyload.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
695ba1400e04815db482d2363c5564180dff11d6c064c069982fcc449efaf627

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Content-Encoding
br
Last-Modified
Mon, 08 Feb 2021 19:22:39 GMT
Server
Akamai Resource Optimizer
X-Powered-By
ASP.NET
ETag
"dbc06afa4f2cd31:0"
Content-Type
application/javascript
Cache-Control
public, max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
594
ABC_logo.jpg
www.dailythanthi.com/Content/images/ 		998 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailythanthi.com/Content/images/ABC_logo.jpg
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
405ce86a65d6a6777a3f5b4aba4ead76232a1108eda6d5b6831be7b06a8efba8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Wed, 25 Jan 2017 10:36:25 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"8a8edfe0f676d21:0"
Content-Type
image/jpeg
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
998
scripts
www.dailythanthi.com/static/ 		401 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailythanthi.com/static/scripts?v=RNoJ0c1IdC-mGpM9AYJMt7QcUbyuyNnKLOKUDV5Y0EA1
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
11826d1d85e232793ae2aaef5ab3888af820470b27a3334436a5b01ac6552c78

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 May 2021 01:29:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
X-Akamai-EURegion
Yes
Content-Length
118334
Expires
Tue, 31 May 2022 01:29:29 GMT
script.js
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/dailythanthi/ 		111 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/dailythanthi/script.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f2a68c0da6662a33f2ffff7a5a64a9f043038519e1e10195f257112e366d550
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
5039
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
34010
etag
W/"1bcd8-ESdEfk6VyCcxBHCREbam4oIOG6w"
x-served-by
cache-fra19138-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
pubads_impl_2021052501.js
securepubads.g.doubleclick.net/gpt/ 		310 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 25 May 2021 08:40:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111175
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:55 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:30:52 GMT
content-encoding
gzip
server
Server
age
32883
etag
6bda376aea84df42909484ff0d20f22a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
7iV2kGh8hACCLQM7XX9BldZxc25jPH1q
x-amz-cf-id
ioxanV8YoBskLPETF05sVgS2oQEbIfE87MTgtmdi6s75JxcelH6EQA==
loader.js
cdn.taboola.com/libtrc/thanthitrust-dailythanthi/ 		319 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/thanthitrust-dailythanthi/loader.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75eba5e26e9d1c58c9a0980f328ed0a65c6e0da9427cbe108b4511bf89bd328a

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qV9cTJrGARue1rYtDzZXXyNHU.uGfHf8
content-encoding
gzip
etag
"45e3661c55c8b39d0e668eed08287de9"
age
4
x-cache
HIT
content-length
28588
x-amz-id-2
6Raks2vJBrttw5FKsEds7EXeKH2Kk8fQiFRfJX98C/2IesQu1P49J7x+IMHurZBjE98ubxM0o5M=
x-served-by
cache-hhn11556-HHN
last-modified
Sun, 30 May 2021 12:06:06 GMT
server
AmazonS3
x-timer
S1622425135.492727,VS0,VE1
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
x-amz-request-id
T64F691WWV7R02BE
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24156
x-fb-rlafr
0
pragma
public
x-fb-debug
ltdPSvwmp6aeGkt/Zi5lxgoZmG2sQbr2maYR+kSLj8EhMnqZ4AdnjcgfAo1B+6jLeAOEsiBXIlSTiJi/r1E6Gg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 31 May 2021 01:38:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
izooto.js
cdn.izooto.com/scripts/sdk/ 		167 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/f862fb685f90044345b5e6086f9f1b23437fa704.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37191f21e3dd1db20898df836eb549dff1a8969082852e8538a25a72e99e639c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
br
cf-cache-status
HIT
age
221741
last-modified
Fri, 21 May 2021 12:02:16 GMT
cf-request-id
0a61ac013600004e31e10bd000000001
cf-bgj
minify
server
cloudflare
etag
W/"60a7a148-29bcb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=691200
cf-ray
657c7c4858d24e31-FRA
expires
Tue, 08 Jun 2021 01:38:55 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-88.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:36:45 GMT
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
1Nop4rqmbvRhLxetFFuQC6dCbssw6ipoizHlt6vuoPXTVHvYnQsaPQ==
m
secure-gl.imrworldwide.com/cgi-bin/ 		0
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=ent1236951067&am=3&mr=1&ty=js&ep=1&at=view&rt=banner&st=image&ca=cmp1049490&cr=crv2493040&pc=plc42210146&r=1622425135407
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:d200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:55 GMT
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
B1TIz73IpwLRwn-1szO7K2kY3Eohfm2p3zhhIUY5jXSjM6X36hsr0A==
expires
Thu, 01 Dec 1994 16:00:00 GMT
fontawesome-webfont.woff
www.dailythanthi.com/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dailythanthi.com/fonts/fontawesome-webfont.woff?v=4.5.0
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c812ddc9e475d3e65d68a6b3b589ce598a2a5babb7afc55477d59215c4a38a40

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.dailythanthi.com
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
Connection
keep-alive
Origin
https://www.dailythanthi.com
Referer
https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Tue, 13 Sep 2016 09:03:45 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"2e9fdcbb9ddd21:0"
Content-Type
font/x-woff
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
83588
taun_elango_abirami.woff
www.dailythanthi.com/fonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dailythanthi.com/fonts/taun_elango_abirami.woff
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b28b59d60d342cf81dcd70216fa1ed427edd5510ea86db6c8a6153c10171c0e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.dailythanthi.com
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
Connection
keep-alive
Origin
https://www.dailythanthi.com
Referer
https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Tue, 13 Sep 2016 08:40:40 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"c109829add21:0"
Content-Type
font/x-woff
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
36036
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 02:02:35 GMT
inputtools_3.js
www.gstatic.com/inputtools/js/ita/ 		303 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/inputtools/js/ita/inputtools_3.js
Requested by
Host: www.google.com
URL: https://www.google.com/jsapi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e69652b49165e54215884b45e6b0541d484f23a9fa9094e5b9d18d02dc71f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Dec 2020 05:45:00 GMT
server
sffe
age
37285
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105475
x-xss-protection
0
expires
Mon, 31 May 2021 15:17:30 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87658
x-xss-protection
0
server
cafe
etag
5316214545020586774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 01:38:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame 684E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210524/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 22:01:17 GMT
expires
Sun, 13 Jun 2021 22:01:17 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
13058
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
taun_elango_kamban.woff
www.dailythanthi.com/fonts/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dailythanthi.com/fonts/taun_elango_kamban.woff
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1be144e8736f2ebcbfeb43f95f18e12cc326704004b13ac6730ee2158d8abeb2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.dailythanthi.com
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
Connection
keep-alive
Origin
https://www.dailythanthi.com
Referer
https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Tue, 13 Sep 2016 08:40:40 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"74bb21829add21:0"
Content-Type
font/x-woff
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
52224
taun_elango_panchali.woff
www.dailythanthi.com/fonts/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dailythanthi.com/fonts/taun_elango_panchali.woff
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa8e4727947326d0a95b8b59ee2dc2a2b8513d07012690f042ccc581c869a8c0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.dailythanthi.com
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
Connection
keep-alive
Origin
https://www.dailythanthi.com
Referer
https://www.dailythanthi.com/static/styles?v=laRKGYq0tI2EHxKWHSYM1F6rzE8UwYAwkoWVAp7ijh01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Last-Modified
Tue, 13 Sep 2016 08:40:40 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"3b5742829add21:0"
Content-Type
font/x-woff
Cache-Control
public,max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
X-Akamai-EURegion
Yes
Content-Length
52116
1351594641561471
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1351594641561471?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1bea837fb0239c48280e1db00907ec8cb3cb1c07a83be8a32658efa9cb0b7948
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
gLA1OodFBNByfoKN8d083AXwNe2bfM1YFzknScxNMZDiHD34Ym+uT5bny6lOnaApFzFaY3DOoENOipfgwk9SGg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 31 May 2021 01:38:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
impl.20210530-6-RELEASE.js
cdn.taboola.com/libtrc/ 		491 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210530-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thanthitrust-dailythanthi/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
06d5135164cf7ce56902eefb2a0e6489574b843dccf3675b26dbef2eadb6da0e

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
SaWnxFrxWeZVyTG2j98mBPdRFPSYXHxU
content-encoding
br
etag
"88c5332ddcffd7549763ad8e046bfd5b"
age
21358
x-cache
HIT
content-length
114903
x-amz-id-2
WtklfUOFG4tATmLjHLTXXl3DrW0R5phZelcAReYPDydtWxxYKpQd7/6hNffIzxXIfWSkS4rT9l0=
x-served-by
cache-hhn11556-HHN
last-modified
Sun, 30 May 2021 11:38:07 GMT
server
AmazonS3-br
x-timer
S1622425136.597565,VS0,VE0
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
x-amz-request-id
FDP7RGQZ2BSZ1YK9
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
65
x-cache-hits
108176
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=25540515&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A%2F%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=25540515&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A%2F%...
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=25540515&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A%2F%2Fwww.dailythanthi.com%2F&c9=
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-88.dus51.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
bPGtuCK1_jBRpQ2z6oYuLuXl3PYwPj1OjjKKbtGqWv_87J5BGDpKnQ==

Redirect headers

date
Mon, 31 May 2021 01:38:55 GMT
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=25540515&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A%2F%2Fwww.dailythanthi.com%2F&c9=
content-length
248
x-amz-cf-id
gxaDuvquSA6L5w_deTVU653D9BPh_Uc8HAMYJgGtrAhK02XRWoh24w==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A%2F%2Fwww.dailythanthi.com%2F&c9=
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-88.dus51.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
9Kd4WbMDxvjdDqQT9LzJ16fO0kYKfjLiMu-9I1If7aGqfS0SQj1mnQ==

Redirect headers

date
Mon, 31 May 2021 01:38:55 GMT
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622425135598&ns_c=UTF-8&cv=3.5&c8=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&c7=https%3A%2F%2Fwww.dailythanthi.com%2F&c9=
content-length
253
x-amz-cf-id
aMUcKWtgyJYQMxflSKFsHG_qamVgt3Q10Cb6ymlRxHW7ZXY3IM4Ajg==
config
c.amazon-adsystem.com/cdn/prod/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=2809b61f-9195-4e3f-8bce-c5bd250625fd&u=https%3A%2F%2Fwww.dailythanthi.com%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:29:56 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server
Server
age
36539
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.dailythanthi.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
GLg722DP4JrpMoVHtTq60wh4ttAKu5Xjrf1vSgTwFo3Sz9c7puXmZQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailythanthi.com%2F&pid=ctNwTvLQe1LPx&cb=0&ws=1600x1200&v=7.65.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22468x60%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F313420551%2FDT_HSticky_Desktop%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F313420551%2Fdthome%2Fhr3%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F313420551%2Fdthome%2Fhml1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F313420551%2Fdthome%2Fhml2%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F313420551%2Fdthome%2Fhr5%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F313420551%2Fdthome%2Fhr6%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F313420551%2Fdthome%2Fhr4%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F313420551%2Fdthome%2Fhr2%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F313420551%2Fdthome%2Fhr1%22%7D%2C%7B%22sd%22%3A%229%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F313420551%2Fdthome%2Fhr8%22%7D%2C%7B%22sd%22%3A%2210%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F313420551%2Fdthome%2Fhr9%22%7D%2C%7B%22sd%22%3A%2211%22%2C%22s%22%3A%5B%22320x480%22%5D%2C%22sn%22%3A%22%2F313420551%2FDT_HRB_Mobile%22%7D%2C%7B%22sd%22%3A%2212%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%2F313420551%2FDT_HSticky_Mobile%22%7D%5D&cfgv=0&pubid=2809b61f-9195-4e3f-8bce-c5bd250625fd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailythanthi.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
t9lA-84t6uD022m9PSUzeGbxDlz83PCkhwEhMLwKKOmA2Un_zmmjlg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
11674
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Sun, 30 May 2021 22:24:22 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
U72Vd12vi0VUPyt4cqXho6AO_UHCKv47N1nF8MFamWO5_7XubzEEdQ==
ta_t_i0_und.js
ssl.gstatic.com/inputtools/js/ime/2/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/inputtools/js/ime/2/ta_t_i0_und.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/inputtools/js/ita/inputtools_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2d0ca1038a449a5383baf378652993e988ead0b02654c396516bf87c6901308
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 02:53:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
81906
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
734
x-xss-protection
0
expires
Mon, 31 May 2021 02:53:49 GMT
ita_sprite8.png
www.gstatic.com/inputtools/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/inputtools/images/ita_sprite8.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95f2122a0fdeb006bdf1b752aeb4444e5dd48c5288029cee224e4c439dfa8d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:44:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
341643
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14589
x-xss-protection
0
expires
Fri, 27 May 2022 02:44:52 GMT
spike.js
adgebra.co.in/Spike/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/Spike/spike.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
551f29b41ba5aeed8a927c18698b6bcefdbd1f420462429c835b853718450ddd

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Sep 2020 14:18:19 GMT
server
cloudflare
etag
W/"13470-1600697899000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7200
cf-ray
657c7c4a0a274e56-FRA
cf-request-id
0a61ac024100004e560bba8000000001
expires
Mon, 31 May 2021 03:38:55 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-25.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
2878289
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
i6WEPJEa9oEq6KLi0Z3-ZdwniWGvBIqyu9vCRd-P5492VtzOgCWoyQ==
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5078
date
Mon, 31 May 2021 00:14:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 31 May 2021 02:14:17 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e5087dba65e2017d202398c20f4038012891c825d6473b2414e3e0a1c6e0e4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
qsFBE58cXyHwuitL9orCTw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
ZwtTnQUctX/IotpXw/Nyd1xKGrTMpLY+XeasJ3GsQmKibLBohlHFckIRwj2mtpsKRc9NqgfcPIuiisX9we914w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b387fb1bb170257a14f71c53922da563
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"42ff75b406505504a8e56a0b9fd2f087"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 31 May 2021 01:58:35 GMT
script.js
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/coronaWidget46/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/coronaWidget46/script.js?cb=1622425136
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8cdfd2bc8fb21a0aa613e299151fcb6e7d7d3563be70785b1ca6cfda81ace714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4915
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
11805
etag
W/"97c5-rEIx3Cs6zpFrpkFc+9xClswp8i8"
x-served-by
cache-fra19152-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
facebook.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/ 		599 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/facebook.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80961ae07786f126d8435a35c029db649671bcffef0c3aaf1dfab9bda02846b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
2163
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
599
etag
W/"257-Nb2FNABfk1Mr1E70eUgfLwaCddc"
x-served-by
cache-fra19162-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
twitter.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/ 		884 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/twitter.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a786666c740c398334ab39ea8fa5ee402f03e984704326b5e4803731bc86174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
3768
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
884
etag
W/"374-ewe88w/XrDWpvPCc/YE1kF3xtrI"
x-served-by
cache-fra19142-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
linkedin.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/ 		755 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/linkedin.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
969cdbbbd2d0e1faa7f9905eba9ed8956ab71fc29d53ea5477a6dab1c84df1d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
38136
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
755
etag
W/"2f3-iBg8yt7mUT6pYVX9ZyRp3HfKvNg"
x-served-by
cache-fra19183-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
whatsapp.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/whatsapp.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e4a0c3bc97048555f0c3ded3e29bb9a9b0e67587fc5a6195d7b6a0d06cf07f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
23145
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
2009
etag
W/"7d9-WOavr5nnKoPYqCGsb4ubVdH+fgo"
x-served-by
cache-fra19164-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clipboard.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/ 		639 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/clipboard.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
497b72c15a5b6d121a7eb81e018ce1b269727da364fae965ae1b5d5cfb17e9a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
2561
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
639
etag
W/"27f-DPE8C7fZAnSiIJDZe/mgf1Uz0fc"
x-served-by
cache-fra19169-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
like_unmarked.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/ 		982 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/like_unmarked.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ddf8fba08ed7e0474b362127ddde6aca01cb043bc751223e216e820a8c52e75e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
32121
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
982
etag
W/"3d6-haRL+oN7ppyEx1qexdPQp6q3h0o"
x-served-by
cache-fra19144-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
dislike_unmarked.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/dislike_unmarked.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56a1ba10c485141ac0076151cf5813479c56c7fc0f98ec0defd9e210453dc226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
21857
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
1105
etag
W/"451-ezNFR1dhQPJ8CGV8Guk0gWgZ2+c"
x-served-by
cache-fra19177-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
share_unmarked.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/ 		882 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/share_unmarked.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fdcc617bcdca234f00e8841c6fde4aea213dfb0db62203c57976a63979827943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
21723
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
882
etag
W/"372-uEQbnwopZit9tFqrTCA2bAMD2+M"
x-served-by
cache-fra19174-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
left-arrow.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/ 		420 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/share/left-arrow.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c323e7b251b93ff3f48b5bd378197a019bf2234aa0d12fa6a419d93457a265ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
8882
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
420
etag
W/"1a4-sbnDGZ/nY8XzuDrq3GowISWocYQ"
x-served-by
cache-fra19136-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
quizImage.jpg
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/quiz/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/quiz/quizImage.jpg
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7967e0c909794a90a56774c3ffa38cfe0b50e410f70b6839c5072f8565fc4731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
21760
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
5044
etag
W/"13b4-KwMJ7R0TWK1d1+NXbb0Z/zAAgg4"
x-served-by
cache-fra19160-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
www.dailythanthi.com/ 		81 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailythanthi.com/
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29c::3975 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83bad5922766a731b11cc37af0a6209ffb569f515f54a3dccf75dc8dc7ffba17

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.dailythanthi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.dailythanthi.com/
Connection
keep-alive
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:55 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Mon, 31 May 2021 01:32:26 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
public, max-age=209
Connection
keep-alive
X-Akamai-EURegion
Yes
Content-Length
14622
Expires
Mon, 31 May 2021 01:39:26 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		144 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3964979307402083&correlator=1160375128010148&output=ldjh&impl=fifs&hxva=1&scor=4326847728416167&eid=31060783%2C31061276%2C31061299&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=313420551%2Cdailythanthi%2CSection%2CDistrict%2CDistrictSection_Special%2CDT_HRB_Desktop%2CDT_HRB_Mobile%2CDT_HSticky_Desktop%2Cdthome%2Chr1%2Chr2%2Chr3%2Chr4%2Chr5%2Chr6%2Chr7%2Chr8%2Chr9%2Chtl%2Chbl%2Chml1%2Chml2%2Chmr2%2Chmr4%2Chmr5%2Chmr7%2Chmr8%2Chmr10%2Chmr11%2Chsr1%2Chsr2%2Chsr3%2Chsr4%2Chsr5&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2F9%2C%2F0%2F8%2F10%2C%2F0%2F8%2F11%2C%2F0%2F8%2F12%2C%2F0%2F8%2F13%2C%2F0%2F8%2F14%2C%2F0%2F8%2F15%2C%2F0%2F8%2F16%2C%2F0%2F8%2F17%2C%2F0%2F8%2F18%2C%2F0%2F8%2F19%2C%2F0%2F8%2F20%2C%2F0%2F8%2F21%2C%2F0%2F8%2F22%2C%2F0%2F8%2F23%2C%2F0%2F8%2F24%2C%2F0%2F8%2F25%2C%2F0%2F8%2F26%2C%2F0%2F8%2F27%2C%2F0%2F8%2F28%2C%2F0%2F8%2F29%2C%2F0%2F8%2F30%2C%2F0%2F8%2F31%2C%2F0%2F8%2F32%2C%2F0%2F8%2F33&prev_iu_szs=1x1%2C550x450%2C320x480%2C468x60%7C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C728x90%2C970x250%7C728x90%7C970x90%2C970x90%7C728x90%2C970x90%7C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x100%2C300x100%2C300x100%2C300x100%2C300x100&prev_scp=%7C%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7C%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1622424746&dt=1622425135853&dlt=1622425135280&idt=186&frm=20&biw=1600&bih=1200&oid=3&adxs=175%2C-12245933%2C-12245933%2C284%2C1059%2C1059%2C1059%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C163%2C210%2C-9%2C-9%2C-12245933%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C1059%2C-9%2C-9%2C-9%2C-9&adys=1399%2C-12245933%2C-12245933%2C1140%2C202%2C217%2C232%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C1379%2C1426%2C-9%2C-9%2C-12245933%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C247%2C-9%2C-9%2C-9%2C-9&adks=140389984%2C2864855696%2C1171983102%2C3266266796%2C636366603%2C4163065833%2C3967902660%2C188130627%2C620675489%2C1540826270%2C2811792372%2C1313257854%2C4022108348%2C1583017600%2C1854639812%2C1925442129%2C106995140%2C3194398252%2C2019683748%2C1931219381%2C25477442%2C1723983022%2C760622656%2C2163171922%2C3785978411%2C1007447717%2C4027448444%2C833547031%2C1878895380&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq%7Cr%7Cs%7Ct&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dailythanthi.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1250x1%7C0x-1%7C0x-1%7C728x-1%7C370x15%7C370x15%7C370x15%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1274x15%7C1250x15%7C0x-1%7C0x-1%7C0x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C370x115%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1x-1%7C0x-1%7C0x-1%7C728x-1%7C330x0%7C330x0%7C330x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1274x0%7C1210x0%7C0x-1%7C0x-1%7C0x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=false&fws=0%2C644%2C644%2C512%2C4%2C4%2C4%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C4%2C2%2C2%2C128%2C2%2C2%2C2%2C2%2C2%2C2%2C4%2C2%2C2%2C2%2C2&ohw=0%2C1648%2C0%2C0%2C370%2C370%2C370%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1250%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C370%2C0%2C0%2C0%2C0&btvi=1%7C-1%7C-1%7C0%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C2%7C3%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4a7562f5d27f6ca79e334ba1594a63b2f8af0b158be29818facbe4b6a022aba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27302
x-xss-protection
0
google-lineitem-id
-2,-1,-2,5365930985,5576209666,-1,-2,-2,-2,5301700703,-2,-2,-2,5576209678,-2,-2,-2,5551710621,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-2,138342289897,138225304147,-1,-2,-2,-2,138303604043,-2,-2,-2,138225304207,-2,-2,-2,138313944502,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailythanthi.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3177363cb3f4f6203a894876a9c99928.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://3177363cb3f4f6203a894876a9c99928.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ 		206 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.dailythanthi.com&callback=_gfp_s_&client=ca-pub-3076479851646180
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
079fbf03f6bfa5f27a9de1beba133d2f5866b6b41c104a20f6cbf879b00bef1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BE3E 		399 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=280&slotname=5090965374&adk=3391107727&adf=470411946&pi=t.ma~as.5090965374&w=336&lmt=1622424746&psa=0&format=336x280&url=https%3A%2F%2Fwww.dailythanthi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425135526&bpp=4&bdt=246&idt=355&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7695781475912&frm=20&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3964979307402083&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4VbjCURqqa&p=https%3A//www.dailythanthi.com&dtd=370
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d0359a684b02f214b941218c17707315e7f4df1f9c3b88a90b912e3cea13bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3076479851646180&output=html&h=280&slotname=5090965374&adk=3391107727&adf=470411946&pi=t.ma~as.5090965374&w=336&lmt=1622424746&psa=0&format=336x280&url=https%3A%2F%2Fwww.dailythanthi.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425135526&bpp=4&bdt=246&idt=355&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7695781475912&frm=20&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3964979307402083&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4VbjCURqqa&p=https%3A//www.dailythanthi.com&dtd=370
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 31 May 2021 01:38:56 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 31-May-2021 01:53:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 31 May 2021 01:38:56 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:55 GMT
stories-vertical-ui.20210530-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		585 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/stories-vertical-ui.20210530-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thanthitrust-dailythanthi/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c888181a33972580a293f93de0dc3ca3f95628d604f76e58b8e3dc5987a3714c

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GkQHmWe4yqYFnNwxljVzPnDd29pEErLf
content-encoding
gzip
etag
"5fa4f61f5aa361e0770a34a3ed8e17f3"
age
91
x-cache
HIT
x-amz-replication-status
PENDING
content-length
316
x-amz-id-2
yENtf+uqUQoiP/MPk0pNtG9cUHr0wek8kaDEifDdPEeSTm2lKAHmYqB556wsUomuIZ4JrbkXPgM=
x-served-by
cache-hhn11556-HHN
last-modified
Sun, 30 May 2021 11:44:58 GMT
server
AmazonS3
x-timer
S1622425136.912471,VS0,VE0
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
x-amz-request-id
VY80R57M7E428759
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
65
x-cache-hits
172
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.dailythanthi.com%2F&tn=DIV&id=welcome&cls=show&ign=false
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 16CD 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&adk=1812271804&adf=3025194257&lmt=1622424746&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425135808&bpp=1&bdt=528&idt=115&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=7695781475912&frm=20&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3964979307402083&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=126
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3076479851646180&output=html&adk=1812271804&adf=3025194257&lmt=1622424746&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425135808&bpp=1&bdt=528&idt=115&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=7695781475912&frm=20&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3964979307402083&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=126
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 31 May 2021 01:38:55 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 31-May-2021 01:53:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 31 May 2021 01:38:55 GMT
cache-control
private
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1351594641561471&ev=PageView&dl=https%3A%2F%2Fwww.dailythanthi.com%2F&rl=&if=false&ts=1622425135947&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622425135946.1413972291&it=1622425135578&coo=false&exp=l0&rqm=GET
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 31 May 2021 01:38:55 GMT
sdk.js
connect.facebook.net/en_US/ 		218 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4ad42591bb1de61c8668b6f3bd497059&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d0e90a0aaa5c6a9dfae5f91df2e379681f1cd63e4bac6a611b68f460fbbb1e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.dailythanthi.com
Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
aKFqUWQvkXZhO3s9FQ9CkA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65698
x-fb-rlafr
0
x-fb-debug
IXTyxKK/G5NZ2NzTTMIfGLKZA1o5sGPISzutzIeoXubNtOu0foVtzdDvfDgsKWCo3SnzNJIMfGJ6qu3fjfqlig==
x-fb-content-md5
e20f87b2225ac5a34a1093464232f00e
x-frame-options
DENY
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"574bc827e20cf7bf601f9e455a75a07f"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 31 May 2022 00:52:59 GMT
blockedpages.json
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/blocks/ 		1 MB
289 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/blocks/blockedpages.json
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a3ebacc26a1c3835f2df5c64c5ee68cf37e5fbc2617eee3fb2b5a6f4d0b24825
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
5840
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
295425
etag
W/"10b7c6-QQKKw3isQTbc6s6x5c24dTFJORE"
x-served-by
cache-fra19125-FRA, cache-hhn4061-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
dailythanthi.png
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/coronaWidget46/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/coronaWidget46/dailythanthi.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
944683c22bac4fb0782048616bdac89229039afa4d41dae6ed947ada18d9a93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
7761
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
7392
etag
W/"1ce0-+EUYZEhf8biSMkX+nMKjr/l4Skw"
x-served-by
cache-fra19146-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:55 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1514477076&utmhn=www.dailythanthi.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35963920-1&cid=911410119.1622425136&jid=781876256&_v=5.7.2&z=1514477076
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35963920-1&cid=911410119.1622425136&jid=781876256&_v=5.7.2&z=1514477076
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35963920-1&cid=911410119.1622425136&jid=781876256&_v=5.7.2&z=1514477076&slf_rd=1&random=2333654916
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35963920-1&cid=911410119.1622425136&jid=781876256&_v=5.7.2&z=1514477076&slf_rd=1&random=2333654916
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35963920-1&cid=911410119.1622425136&jid=781876256&_v=5.7.2&z=1514477076&slf_rd=1&random=2333654916
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&time=1622425135986&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.dailythanthi.com%2F&random_number=10080209681&sess_cookie=9918385e179c012eb7195badd1b&sess_cookie_flag=1&user_cookie=9918385e179c012eb7195badd1b&user_cookie_flag=1&dynamic=true&domain=dailythanthi.com&account=KIiUm1a4KM+2mh&jsv=20130128&user_lang=en-US
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-21.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 05:39:39 GMT
Via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
71957
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
DUS51-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
2DXKLb4o_2AXc-AhjT0XfAtfyYKNEuDHQ-mve3-IbgdPjUMriG5O1Q==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.213.1.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-1-67.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
server
Server
SpikeHitByUrl
adgebra.co.in/Spike/ 		0
115 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/Spike/SpikeHitByUrl?Device=2&url=https://www.dailythanthi.com/&hrId=2021053103
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/Spike/spike.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-cache
cf-ray
657c7c4bfc634e56-FRA
content-length
0
cf-request-id
0a61ac037e00004e562ab4f000000001
expires
Mon, 31 May 2021 01:38:55 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=951894581587469&ev=fb_page_view&dl=https%3A%2F%2Fwww.dailythanthi.com%2F&rl=&if=false&ts=1622425136023&sw=1600&sh=1200&at=
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 31 May 2021 01:38:56 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-141787416-1
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bafdbc50f1eab55b0c2858ff6a49c492bc8dabf828842fb9537f9fd974e2911
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35863
x-xss-protection
0
last-modified
Mon, 31 May 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 May 2021 01:38:56 GMT
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"888 / 263 of 1000 / last-modified: 1622153345"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21426
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:56 GMT
get_stat
covidapi.unibots.in/ 		10 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://covidapi.unibots.in/get_stat
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.105.34.228 Mumbai, India, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1986-228.members.linode.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fa57aadd60b7ab6635842a44dfe10c67205549d67cc4f521ba112cc3cb147d15

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:38:57 GMT
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,Auth-Token
Content-Length
10682
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.dailythanthi.com%2F&tn=DIV&id=welcome&cls=show&ign=false
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A6C8 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6376205116838079&output=html&adk=1812271804&adf=1573534164&lmt=1622424746&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136041&bpp=1&bdt=760&idt=0&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc15c5e7fd1b40a52-227224a54dc8007f%3AT%3D1622425135%3ART%3D1622425135%3AS%3DALNI_MZ-iqcjq-gqZP2h2WtNRHME3lHRhA&prev_fmts=336x280%2C0x0&nras=2&correlator=7695781475912&frm=20&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3964979307402083&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=32&uci=a!w&fsb=1&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6376205116838079&output=html&adk=1812271804&adf=1573534164&lmt=1622424746&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136041&bpp=1&bdt=760&idt=0&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc15c5e7fd1b40a52-227224a54dc8007f%3AT%3D1622425135%3ART%3D1622425135%3AS%3DALNI_MZ-iqcjq-gqZP2h2WtNRHME3lHRhA&prev_fmts=336x280%2C0x0&nras=2&correlator=7695781475912&frm=20&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3964979307402083&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=32&uci=a!w&fsb=1&dtd=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 31 May 2021 01:38:56 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
IDE=AHWqTUkpb83zOUNZR_A1uJwRoRp-LpvtqLHREhRZ2A8Mn8Q2HMByfARbRsC2fzyRIag; expires=Sat, 25-Jun-2022 01:38:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 31 May 2021 01:38:56 GMT
cache-control
private
adScript.js
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/ 		348 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
61cd6b8219f6cc7f2a6f6640e246a0ab1a0890aff678ec2abcba309e3173dac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
20058
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
111208
etag
W/"56f23-FasWj1oSkcT3CUc7ZSFV3GjmLJc"
x-served-by
cache-fra19130-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:56 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
adScriptDT.js
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptDT.js
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f90dbf1b6c133709d9e77404ed79ddba9196a30e587d940df7c21e937998ed44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
6669
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
4486
etag
W/"3923-zR2L38DGiTD93N2vqSIwx4YlgSI"
x-served-by
cache-fra19125-FRA, cache-hhn4034-HHN
date
Mon, 31 May 2021 01:38:56 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-141787416-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4324
date
Mon, 31 May 2021 00:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 31 May 2021 02:26:52 GMT
/
pro.ip-api.com/json/ 		39 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=status,message,countryCode&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptDT.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , France, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
6c6489a7d04f10c1a0342b15616350774cb7fbe16e98341d13bde9ff539b7c51

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 31 May 2021 01:38:56 GMT
Content-Length
39
Content-Type
application/json; charset=utf-8
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=121747644&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailythanthi.com%2F&ul=en-us&de=UTF-8&dt=Tamil%20News%20%7C%20Tamil%20Newspaper%20%7C%20Latest%20Tamil%20news%20-%20Dailythanthi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=242132759.911410119.1622425136.1622425136.1622425136.1&_utmz=242132759.1622425136.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1622425136109&_u=YQBCAUABAAAAAC~&jid=1022120609&gjid=1981606064&cid=911410119.1622425136&tid=UA-141787416-1&_gid=370178480.1622425136&_r=1&gtm=2ou5q1&z=560465681
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailythanthi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
438.json
id5-sync.com/g/v2/ 		213 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/438.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.22 , France, ASN16276 (OVH, FR),
Reverse DNS
p09.id5-sync.com
Software
/
Resource Hash
8ee6450e6b9dc01b9ea841e7469c5fed6ee2ad520dfd9cef2a0c303bc7748882
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailythanthi.com
Date
Mon, 31 May 2021 01:38:50 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
/
hb.emxdgt.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1622425136185&src=ubpbjs
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.10.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-10-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailythanthi.com
date
Mon, 31 May 2021 01:38:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
mvo
tag.1rx.io/rmp/205945/0/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/205945/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailythanthi.com
pragma
no-cache
date
Mon, 31 May 2021 01:38:56 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cdb
bidder.criteo.com/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.25.0&cb=88261313213
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailythanthi.com
date
Mon, 31 May 2021 01:38:55 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
adreq
ads.servenobid.com/ 		421 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3757
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ca37539556bc63b7dee5a085a1784418eb0f7cb7d6b4718983de69d045a5126d

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.dailythanthi.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailythanthi.com
date
Mon, 31 May 2021 01:38:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.dailythanthi.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
header
hb.aralego.com/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-627D22BBEA828E2A1EA8272D6AD4EEA2&tdid=&schain=&fp=undefined&id5id_uid=0&host=www.dailythanthi.com&u=https%3A%2F%2Fwww.dailythanthi.com%2F&xr=0&ucfUid=ca996016-424f-4bc2-aa5c-2b38bfe9b8d0&w=320&h=50
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailythanthi.com
Date
Mon, 31 May 2021 01:38:56 GMT
Access-Control-Allow-Credentials
true
Connection
close
hb
cpm.fmlabsonline.com/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.fmlabsonline.com/hb?zone=126369&v=1.5
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:56 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.dailythanthi.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
bid
ap.lijit.com/rtb/ 		24 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.25.0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
249e6f18e8677a7aea636037aa28c2d830c058dfc13b06d3021b440d9b289d6d

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 May 2021 01:38:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailythanthi.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
prebid
ib.adnxs.com/ut/v3/ 		19 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:56 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.143:80
AN-X-Request-Uuid
392f3ead-2c43-4781-837c-b20f4faafdca
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailythanthi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:56 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.50:80
AN-X-Request-Uuid
47c5a34a-f1e1-450a-8e98-25e3ad21bdfe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailythanthi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.25.0&cb=53081194864
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailythanthi.com
date
Mon, 31 May 2021 01:38:55 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8L3GA9Vdn4Ovykjq

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 31 May 2021 01:38:56 GMT
content-type
text/plain
access-control-allow-origin
https://www.dailythanthi.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb242e1ac9a8fa9dc5f95787f0d1a78dd6de230bd64d3d4ce68da9fd5b67ac80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7664
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame AEED 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 22:29:49 GMT
expires
Mon, 30 May 2022 22:29:49 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11347
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D987 		783 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2f2f2caed1d5b59c9acfbb35c443996e0cd20aa003ef9d76f317e0e17ee35f68
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ilYw9TggncCWca5sEKh/6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

expires
Mon, 31 May 2021 01:38:56 GMT
date
Mon, 31 May 2021 01:38:56 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ilYw9TggncCWca5sEKh/6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3964979307402083&correlator=4047548280329428&output=ldjh&impl=fifs&hxva=1&scor=4326847728416167&eid=31060783%2C31061276%2C31061299&vrg=2021052501&ptt=17&rdp=1&sc=1&sfv=1-0-38&ecs=20210531&iu_parts=21928950349%2Cdailythanthi.com_NB_320x50&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&eri=1&cookie=ID%3Dc15c5e7fd1b40a52-227224a54dc8007f%3AT%3D1622425135%3ART%3D1622425135%3AS%3DALNI_MZ-iqcjq-gqZP2h2WtNRHME3lHRhA&bc=31&abxe=1&lmt=1622424746&dt=1622425136623&dlt=1622425135280&idt=186&frm=20&biw=1600&bih=1200&oid=3&adxs=1277&adys=1147&adks=1696703067&ucis=u&ifi=33&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dailythanthi.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x-1&msz=320x-1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=121747644&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
84a62de3fe27c1a39c8a0551b639f3f2dbe12fdc55db6b6ebd9bcef0ab7c26f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11061
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailythanthi.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame AEED 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 19:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
20468
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 19:57:48 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012104130153000/ Frame E74B 		192 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842c872b3898f5b0e7d31292eebc5442195611e262f59bae3e7d5b63c507e00d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134495
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55414
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"806d9da51f0ab461"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame E74B 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134497
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4561
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f7d3159bb96ed225"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame E74B 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134497
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"025b1bcedb95d6d9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame E74B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134497
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"26e8fee94434f5d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame E74B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134496
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73bdf441b447cfc6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5761 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXulnbaEfji3XIXNtJ8MBgCsG6NNbJa4fDjzeR7YC5IhnAuybO3tMWVkc-CkmOdgIOT0wb7rs7UvYhHGTxnDOW2iMuCjjeIkE4qTrLAPqn8xJSWHVg1XW37AyUJMTp1_uNSLME5IQh-QUPJmgHUbP9WCK-KB7J2Pa9rdVy1DsIHMhg7tGgCXc7aUOzmd_10YDHMabvJgNZl91KPhGNnaXYwTP_jOI5nxXVc2g_e3PwG5eCWemaM1EKkqM42ma4yqxYHlXoiNkWqsEHD5vjzr8U_rl0vY3e83uPr2LorNRQRWsxLA1xPJy1zu334fA&sai=AMfl-YTPZx8CFmMD_vE2Bg10oOCVv1fIbt7Rjw-aaFgPVFkqv-nz_HOX-1o55q3CdqsTulvUEbgvXNE-m4KhbaMi8YbxrubA-lAenseBbOxMAZS1ETNx__kMRRPZgdjS5yI&sig=Cg0ArKJSzH3TqjRXIxlTEAE&urlfix=1&adurl=
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5761 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48356
x-xss-protection
0
server
cafe
etag
3890051329819667200
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 01:38:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5761 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DD17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRxMYwyh316z8lg2Xy22ke9U5spk2KQoNKlSlnVxLMEF65g7q-jes5kZ7S8mQLlvOx-2BvvFxoM5JyJkbQRKqMrxeahgNEdlnanhdSRlpiJLfX0nNsTgP4cfChZhxgJKVpgDo0BAhwMi0NmKQOyQ8lYuBqrGinv_zu4NDp9lME7MsjHKTDLDBVYoShCwWpZk7to_HZUer0eLiRGmHgLIUwQsPb0aUuPRiUDTsl9l32efID5IDJtRFpHpEWcVA6bdpRw-TJ_G16LYnR76HJJjA8jxm6N6OXwUiZlllRMcp25VTBgTBFQg&sai=AMfl-YQ3lLJFpt7radZGnNie8PGmRQwNX6BagmaRkom4qjCwCk_JW6e0GJZM860FyZEz5zyj7i0eGI_hpBpMy2PEutdj5qC9BcPwH4CRRkvHpEako_0NOrRGpXP14L4kaxg&sig=Cg0ArKJSzN7tXGAAOrJhEAE&urlfix=1&adurl=
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tags.js
tags.expo9.exponential.com/tags/DailyThanthicom/ROS/ Frame DD17 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/DailyThanthicom/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca229cdda37de6f83a11b4c31989ae0e4d66b0794827834c39291f3aae42b41

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14095
cf-request-id
0a61ac0687000032375c1b5000000001
x-function
151
last-modified
Mon, 22 Mar 2021 08:13:58 GMT
server
cloudflare
x-reuse-index
1
etag
6577007056246489359
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
657c7c50dadb3237-FRA
expires
Mon, 31 May 2021 02:38:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DD17 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:56 GMT
3866992690829623449
tpc.googlesyndication.com/simgad/ Frame E74B 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3866992690829623449?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn3L4wQkSJbQI6GbwzeJ96-TBaHYg
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8143c07cb6ce244f2dcac5fdb46c47b8065b760c9bb5cb2076d8398bafb1f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 04:27:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Dec 2020 16:16:16 GMT
server
sffe
age
594697
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55077
x-xss-protection
0
expires
Tue, 24 May 2022 04:27:19 GMT
ta.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E74B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ta.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b92732da0de24ce3f182957b0eeaecaf64eb49756b0b61d824435ad79a1c69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 19:54:41 GMT
x-content-type-options
nosniff
server
cafe
age
20655
etag
3047996036101863798
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5182
x-xss-protection
0
expires
Mon, 31 May 2021 19:54:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E74B 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
58387
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 31 May 2021 09:25:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E74B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDCUvLz60YLyoOre3x_AP-t2j2Auplb_FYoOOr4_pDePjtNyqCRABIKLdnWRglfrwgYwHoAGcr_uoAsgBAuACAKgDAcgDCKoE8wFP0GueJ8pEz8cKCyh1krsNxDl7Mwz6XaOL0S_9elFZ2v4f3DsOsbpyzNtRKpr2dZONmx86_D1_6ZVEQ3leQ2nl1nf7oxppEQvJPb4z-FAHVHr0V4EWd_dgvNbyWJ-IK194SFndwXsl_0n08ClqAZeZxEGknzUAPumm-w8zwnAi4YMlPy1QSu30bzah9BArByE1X5FahDQRoGwrrqu81zpth7g7AHvCmOyDza1I3bzTZne1EOUDIZbUorTFGhF6RsyshRG-a9JZ9dS21AJfe2clfbhgxqFqAFPVIp1kxCFT_Ig_0FktC9ohdpnxElrD5PSXD-3ABJSzyvvHA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCvvUPSCAkIgOGAUBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItODYwMDc0MDEzMjM0OTI2Mw&sigh=GB6K96j91FM
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012104130153000/ Frame C802 		192 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842c872b3898f5b0e7d31292eebc5442195611e262f59bae3e7d5b63c507e00d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134495
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55414
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"806d9da51f0ab461"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame C802 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134497
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4561
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f7d3159bb96ed225"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame C802 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134497
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"025b1bcedb95d6d9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame C802 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134497
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"26e8fee94434f5d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame C802 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134496
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73bdf441b447cfc6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:20 GMT
ta.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C802 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ta.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b92732da0de24ce3f182957b0eeaecaf64eb49756b0b61d824435ad79a1c69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 19:54:41 GMT
x-content-type-options
nosniff
server
cafe
age
20655
etag
3047996036101863798
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5182
x-xss-protection
0
expires
Mon, 31 May 2021 19:54:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C802 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
58387
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 31 May 2021 09:25:49 GMT
truncated
/ Frame C802 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7a2310c9154f19eedb82407f74c1a145730de64287ee9e23303cabea3245ac2

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0ABC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1IJ8yBK6r14SeUZV-5ViLKKiXkIlma0zjHP54b3wzb2jIGXGlfiDAHBVZEpfs-b5TjgzsWCFoOI0gI8RgkB-J4__A-vuJb4_oS7lqAZazopm86n5mdb9fgpo0E10uDSz2AhT5CcUiJ7pg5GU4vfe6fvXHTfMzwmCZDQactXDXJIq8lbWjNdmGtQnhAq6LgcNdhY1q2qcj1BUunyP30Z51e27LpulX89aUejt7Oa2mmOQ0k68iJFzXlt6TYBVg8cruYDyKXKg9gQOdl-ec89NeisXovkaQLPeJu52AAXYEY9qbxg&sai=AMfl-YRCP0eB1wZwEedd4I9OBM41JGV3gKWnjj_LP0wnxaHvE_I7UXL8TDbEH5Kg2tFgAgakhufPF6TqKn3rDeXHYWcn13GdTVgHCZfqSkGM9vjeDiozc6hw3TnuV_y2rwg&sig=Cg0ArKJSzHmFQAsvbxQuEAE&urlfix=1&adurl=
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tags.js
tags.expo9.exponential.com/tags/DailyThanthicom/ROS/ Frame 0ABC 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/DailyThanthicom/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca229cdda37de6f83a11b4c31989ae0e4d66b0794827834c39291f3aae42b41

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14095
cf-request-id
0a61ac069f0000323760a6f000000001
x-function
151
last-modified
Mon, 22 Mar 2021 08:13:58 GMT
server
cloudflare
x-reuse-index
3
etag
6577007056246489359
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
657c7c50fafa3237-FRA
expires
Mon, 31 May 2021 02:38:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0ABC 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DEC9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2bbXQBC9Kl7OFEhcJJGMki7mo-4WD3ux30cEz3A-m-nnSvBQw7ndv7m5UcsNIkHAN3s2O6ZEPe4_wFWM2uPC9hw7Wq12s2ImZNt7yn6JpcTJ_rBYjclzw0xHUUEalWz29oDh7Pd2s1Gv7MgdiOHdzvaYQqd2Hylx56sUc2HWFJK66cJZdYfs5Q9G7qT8YUe-47MLZi0LDIp5GGGHThkp8gIzxAQCQd2dKAttGMjtEWKikVq8nReNV-npdRT7UQBAES3205HMm-qDL7yjhTmE5jqmc_oRFvuv7P4seb3-TtLLkHQ&sai=AMfl-YTB-ILxP94ZwLpWGZsk6tr5UK23FvC-66tm-ZkoEQqjjznT1s72Zsd59O-5rMrGHfqhmEH0i_g6TekaEMsTk1MrqfFeb-VDKfFc7CzLpWOx8fbHJvxII3cxuH8PJpY&sig=Cg0ArKJSzHrGDUAgwgmhEAE&adurl=
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame DEC9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 01:35:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DEC9 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:56 GMT
4402181820432863315
tpc.googlesyndication.com/simgad/ Frame DEC9 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4402181820432863315
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfbcf6f2b7dc03fb7c4fa16ed987493dc7334e235956fdf4ac64a7e3832bcc63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 05:07:48 GMT
x-content-type-options
nosniff
age
246668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
182814
x-xss-protection
0
last-modified
Sat, 06 Jun 2020 08:05:31 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 May 2022 05:07:48 GMT
10380099308700684846
tpc.googlesyndication.com/simgad/ Frame C802 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10380099308700684846?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnAMqSby8JhKjXftPhN1B8mE1wapQ
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09c702b2b9951f3e21f47dce2acf73162552fe6f279d5fdfe10b256dba6996d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:06:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Dec 2020 16:16:14 GMT
server
sffe
age
343920
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44007
x-xss-protection
0
expires
Fri, 27 May 2022 02:06:56 GMT
l
www.google.com/ads/measurement/ Frame C802 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIbjXiw60n1DREQ-6G_MCzKCAL48Fom5s139WpMIBC6rqulM10SErZtIhc6xqPavAdtOKC
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C802 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVbE0Lz60YP-tOre3x_AP-t2j2Auplb_FYsuPr4_pDePjtNyqCRABIKLdnWRglfrwgYwHoAGcr_uoAsgBAuACAKgDAcgDCKoE9gFP0ArjURxosAXo7uO1Hd14RxgmAuLltvFsRd_CnOSBza-l8u3Ys_GykbaqL4DheP2664e2IDg_z5HQbYlzrRI6wwNXNYTeSwvYn4_qXmhPXcPW75OQrPoxo2Vose3lRtYTQGOynrpw-TsKCNk0OS7RvgKt3xF8WMdKzuj7WIefaOF8IQAoEcShA2o2LCPB3j25oAaHLPNZudQ-h1ZFFNRJ6zw1P7_9dTHORPhy-cJopa_RgUZ-SXLajlphHPqHESZpPuWE9xC8tb30Km7wrB8zu-ok5YceyXwoIIKpSJCPOlZK4WHe3p1vXpLPrdAoJZuYiq7oAl3ABJSzyvvHA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD-mCrSCAkIgOGAUBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItODYwMDc0MDEzMjM0OTI2Mw&sigh=jodmXxczY9A
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame DEC9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssM31czw-4SKYARQ8YXQ4oXYSr3QefoBEoaUZfpz5S2bmGxlgZDXugRtogPtQhL1HwQ3qOxB1GL5kTmJKGFPhEhmU-8dnGlMiG-qRjKxeo7bSNZ3tYSpK77_PXzmaBy6Nt8AvSFOj7x_zwgxMRL5acwloOhQjlJ74ZuCIUncgQDW0agHbK7kOxclSCDpkC6Dgue5IVSp2YBfUxS8-MJmd0_zYCYFAnC6O4w34Kk24mucY6kwStFroQTjs-RiWtsDdZt6H9oWvKxI-dV2leUBloHWoPHxz_QnDLrr9i1qFS3Ma48MPWE&sai=AMfl-YRYfq5CKw9v87YMslMU6mxT889-youBJIccDGHa5ueNQd2HULVXcqfsBlsNhmWnQ4GXUsuctlpF32200OcXAhWKjKco_SqhZEqF0sz7ydJquROdltMUAn0nFh1iSDs&sig=Cg0ArKJSzBU6JjeYoKdqEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 May 2021 01:38:56 GMT
truncated
/ Frame 5761 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0a6e3bcd733ba59a884f971da28382eb75975633a51d42497cc65db35240180

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ Frame 5761 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87658
x-xss-protection
0
server
cafe
etag
5316214545020586774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 01:38:56 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012104130153000/ Frame 5D3F 		192 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842c872b3898f5b0e7d31292eebc5442195611e262f59bae3e7d5b63c507e00d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134495
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55414
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"806d9da51f0ab461"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 5D3F 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134497
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4561
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f7d3159bb96ed225"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 5D3F 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134497
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"025b1bcedb95d6d9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 5D3F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134497
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"26e8fee94434f5d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012104130153000/v0/ Frame 5D3F 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012104130153000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134496
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 12:17:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73bdf441b447cfc6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 12:17:20 GMT
ta.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5D3F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ta.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b92732da0de24ce3f182957b0eeaecaf64eb49756b0b61d824435ad79a1c69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 19:54:41 GMT
x-content-type-options
nosniff
server
cafe
age
20655
etag
3047996036101863798
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5182
x-xss-protection
0
expires
Mon, 31 May 2021 19:54:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5D3F 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061299
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
58387
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 31 May 2021 09:25:49 GMT
truncated
/ Frame 5D3F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07cdc140e30f20b58b03425ca18ecfb5b1cd4485cf25de4a9bfbf5d976ba9116

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
9425318082691336925
tpc.googlesyndication.com/simgad/ Frame 5D3F 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9425318082691336925?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlxfHWx043LIHj3HpALPe32qGZttg
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fddca13b15b6866d34a3c6995d1de73b27bcbf42aea81e733b4a4ef5dae0759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 06:13:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Feb 2021 16:28:38 GMT
server
sffe
age
329146
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12686
x-xss-protection
0
expires
Fri, 27 May 2022 06:13:10 GMT
l
www.google.com/ads/measurement/ Frame 5D3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGbmrn-KQ1_mNMnp4oczgsTVg9AqkZq5p8a3_vD9CFBUiNRxGMhRLrHDd315I3CXy-XBgn
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 5D3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVFReMD60YLHlJ6Gvx_APxO2diAHzkuDPYovvr7qjDbbs7OyuCRABIJzO83tglfrwgYwHoAHDveTDAsgBAqkC2tqn4Hx0tD7gAgCoAwHIAwiqBOcBT9BL4Wry-1zRy4XqVqpeFIzR5duxjQoQv4nYdNCJM4wssxf7070u_Q_AaEr4PMU7V0isUIcZtghOl1Zv5w2EDajz3wF72WQv6yKD_rfyJJWaWiupdA4ofr_gjEICEdQ7Fs7Vcs_KxZoAUe5t-pJjD8rv2Vd-uusuokui9udMTqR-8NRclCJ8Ckm3ER1_JhOv8RWIjkWywTRClmtNoLV8t50IplDjbmoeJKAQ34pnsL7KRrWpKXlnGKtb-McWyKDQOs4KR61MJyCuwcSltz3_5amvAAuXi7twnKcYgAZzTGCfnNRqwPFmwASfpb7g0wLgBAGSBQQIBBgBkgUECAUYBKAGAoAHpcKbvAGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ8r8B0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi01MDMxNTE4ODIyNzA0NzIygAoDyAsB2BMC0BUBgBcBshcaChgIABIUcHViLTI3MzAyNjM0NTEzMDg4MDE&sigh=truX8Va71yk
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame E74B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 May 2021 01:38:56 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame C802
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 May 2021 01:38:57 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=3964979307402083&bg=!1tWl1ZHNAAaMan2LjGo7ACkAdvg8WpNW-a7ZTKVODvS2vS-CXnkdxhRs36jGPmvwL1Z0PA7MQWkz7gIAAACiUgAAAHtoAQcKAU3lcYmlPa2jTgpoBj1XpOkZzbiiPD-FC4d6rY9aA-cxmJ-eTMKTuoPfUjbVA0Q2F4QpITYY2Hyj1u71HdNc9iBmAwSu_aTQgayL8N7Mz_1Qc_SgzPU1U5AcDdIx8bgzgLl3NHytL2SlA1kIgIEfXWumsGeodUrHgSIitYbSVQHtuuTeyl6RwdcP1To-ILEtPgYf5J5bMQWXzWdFZemNCh7B81cWCbgWgW4f76EHC9C5M0KqWuaIpWGdVS9q5FeiDcCp28jXWDSvI5jAkDZ_Dn9dN2N3LLrhbCR3KHYFOAWkjTz99u2jCj81VU3u2Mfru70ZjVfDyj3iudkMlb1Nq-6ZbCCYt8TSDwrI3CJtDoPduHPPUnDEk494YGfQi29av1flgQW5O0LSHBYg-Dhi9ZOnzK8kdDAJlbhypnGmG1p2kQ_A_GLhvK8WP7KLSYSZAjY_yo2xIfG36Vlea_01ASETt3LM9Ou5HRf1t1hL1_kAs668ky18ffRMcat3N1oDyTyik0c2a3H9XwIku6Lw8D7rAlzCO87WAOlch6zTqoER1ekM6FQiZ8GJBPCSvqcEvBspt9pkubEyCAoso968tnubgt4L-umj4QsamXvY9O5SS2Foo9f_EPYVP6oHmCW1VCQRS15LnDtGGsAkKAuHEhHl7ImA-zULhLsW8esVqYOd8CCS9H7RKrVmd5I9GOyBZu1bDHZfE5kL2q-QSpeOOF3pZh436LHU3RKfQ_hG94lt_fGeyquQqFAEx3qDmysn645llx6Phiv12STjS1DwKdvV-TVL0xSh9Ld2zDyX_1xhbVm5GE2DnLXx18RXVimBim1rfMuRNWs0dLwe_eNwa3R2nzRNKbsOGD4Lqzq8VynKe_vLUDIW0s11y4xaKqZLkD2FW5atN5g52si2IOh_M30M-gwQhmWgTr-f74TbpUCBGOB58bRj3X9yIfQxwTMpcF3JMHmjwPeliyfx-GmlupjwZ35Do_-o5qfN2nHoLoXYeSp4JNA_zjAmM7hoUNpv9e8vIOGBxMWj6JNNBrpyYBUYO1P-Pdu05ofxCq00NaTkaq4837FntNWBrfwD_ojEkavPOFLJcujqWyq5SfdIPyX0SEGW73S4egRWWwS2SVo5_Gk4UOM3tjAUSSy6dg1V_Kh_MJVtQ8sgtuqkHfjW82OJ89HntpA0V7V5-P5ApacNTXw7uOi1dw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
displayAd.js
s.tribalfusion.com/ Frame 0ABC 		680 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.9&th=8645007496
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/DailyThanthicom/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dccf695fa13de70f9739f90bd4021c00d0a608d4ed9741b2067a7a086c37c2d7

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
335
cf-request-id
0a61ac09a100004e6df1b40000000001
x-function
153
last-modified
Mon, 22 Mar 2021 08:13:58 GMT
server
cloudflare
x-reuse-index
181
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
657c7c55c91c4e6d-FRA
expires
Sun, 29 Aug 2021 01:38:57 GMT
10380099308700684846
tpc.googlesyndication.com/simgad/ Frame C802 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10380099308700684846?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnAMqSby8JhKjXftPhN1B8mE1wapQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09c702b2b9951f3e21f47dce2acf73162552fe6f279d5fdfe10b256dba6996d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:06:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Dec 2020 16:16:14 GMT
server
sffe
age
343921
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44007
x-xss-protection
0
expires
Fri, 27 May 2022 02:06:56 GMT
ta.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C802 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ta.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b92732da0de24ce3f182957b0eeaecaf64eb49756b0b61d824435ad79a1c69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 19:54:41 GMT
x-content-type-options
nosniff
server
cafe
age
20656
etag
3047996036101863798
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5182
x-xss-protection
0
expires
Mon, 31 May 2021 19:54:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C802 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
58388
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 31 May 2021 09:25:49 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 5761 		206 B
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.dailythanthi.com&callback=_gfp_s_&client=ca-pub-3076479851646180&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1ea9552da752900d3b9048671160897153fa1103a3d04d5ddcc72a2051a0a008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 5761 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5761 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1C22 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03627f4635f87f53871152068973ce0b44d4b9ef3d19c1e3fb38d3df0f5f97cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkpb83zOUNZR_A1uJwRoRp-LpvtqLHREhRZ2A8Mn8Q2HMByfARbRsC2fzyRIag; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 31 May 2021 01:38:57 GMT
server
cafe
content-length
6391
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5761 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:57 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5D3F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 May 2021 01:38:57 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
9425318082691336925
tpc.googlesyndication.com/simgad/ Frame 5D3F 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9425318082691336925?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlxfHWx043LIHj3HpALPe32qGZttg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fddca13b15b6866d34a3c6995d1de73b27bcbf42aea81e733b4a4ef5dae0759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 06:13:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Feb 2021 16:28:38 GMT
server
sffe
age
329147
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12686
x-xss-protection
0
expires
Fri, 27 May 2022 06:13:10 GMT
ta.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5D3F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ta.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b92732da0de24ce3f182957b0eeaecaf64eb49756b0b61d824435ad79a1c69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 19:54:41 GMT
x-content-type-options
nosniff
server
cafe
age
20656
etag
3047996036101863798
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5182
x-xss-protection
0
expires
Mon, 31 May 2021 19:54:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5D3F 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
58388
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 31 May 2021 09:25:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 1C22 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 01:35:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C22 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 1C22 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 01:31:49 GMT
l
www.google.com/ads/measurement/ Frame 1C22 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdejF5oJyj2e2bE60W88_nYpbGzLI63mi1GJhJMZWivJLuZUSdA5jJbCcfuG5Ri3YDIyPkPRbaej3X0FrGrbY7aOfkRQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 1C22 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cny5vMT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTCAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnoww8WYhmEOIS3LgNEtOIrmr3VIgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItMzA3NjQ3OTg1MTY0NjE4MA&sigh=5rnkqkXGJsU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 31 May 2021 01:38:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 1C22 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jg6mhekgd5z8s0zny9yz5415hz05z94nff0bxej52rq24xw376mkcdecsvjsq89fpe4fsgxbnbz77z6ds2zrdswzqfm04shkyx4jtmxa912h68rytv2bhfxn67eza2b4zkfgmwjq8jt04x207jphb1j6p9dsqa5b44chssyc39ad9ejn56t77kpp77vqvkn7jb16f0mndxjz02sx3d6mxjvp6tsv1ad13h3yk5g9k5781x0kq3zg6vrzym5v602d2axzch4316qxrwsxyrtge9nnmqv71zzzs0qngt0a9wb6482tgh93qykyk8z123yj0z2zfw5at5z3262smjtdq3qr54sz9104cbvydwfesmcf9q4hyyst3fr2h43ss1a5pdpa687&b=YLQ-MQAI4eoK4AeXAAikyJ1WzHQs4df7pLFoaQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 May 2021 01:38:57 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame D9AB 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1k6y18rzd9b8djxr3xn8vh4sq7eezrm2ny5hze0ffdm7fjvxnc41q697mada9y8zmnjpddfm7ch4rs9mabjwedpqrcg7tt0gn4j7qj6s98yhdtap639p9qntcy0d22016nzh653qecdcq4k8m18f3rr0smkr88sxkppvczy4drdcdphs4z0a41p1tnq1b9sbvx0y05r8xtfvyw0g2yh49k383y536a4wn42qmax03yxk70esct13x0hw6fxpqh6t1evh8k9zbk2m3tjygwv2eq79nhg4j3mdbbzzpk6htf2vxr5v6at0wm55qrtv9kztv4zwpmfh2f23vqjbyk495rn9em06pb72a3gbksrb76158r5bq4h867mec000&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%26client%3Dca-pub-3076479851646180%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a16b036117afa1ad12d18bdad714b3a29a17c7d95e4208946fcca3a782448e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1k6y18rzd9b8djxr3xn8vh4sq7eezrm2ny5hze0ffdm7fjvxnc41q697mada9y8zmnjpddfm7ch4rs9mabjwedpqrcg7tt0gn4j7qj6s98yhdtap639p9qntcy0d22016nzh653qecdcq4k8m18f3rr0smkr88sxkppvczy4drdcdphs4z0a41p1tnq1b9sbvx0y05r8xtfvyw0g2yh49k383y536a4wn42qmax03yxk70esct13x0hw6fxpqh6t1evh8k9zbk2m3tjygwv2eq79nhg4j3mdbbzzpk6htf2vxr5v6at0wm55qrtv9kztv4zwpmfh2f23vqjbyk495rn9em06pb72a3gbksrb76158r5bq4h867mec000&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%26client%3Dca-pub-3076479851646180%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0a5e00004a79612af000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c56fe624a79-FRA
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BC9F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 03:14:09 GMT
expires
Mon, 31 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
80688
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
j.ad
s.tribalfusion.com/ Frame 0ABC 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/DailyThanthicom/ROS/tags.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc14ed6f06919fc4834b3afbe8be59e7c0056da15719b72a5d9d1f3413cb46a

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2122
cf-request-id
0a61ac0a5e00004dcaf7893000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
82
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
657c7c56fc344dca-FRA
expires
0
displayAd.js
s.tribalfusion.com/ Frame DD17 		677 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.9&th=8645007496
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/DailyThanthicom/ROS/tags.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc18979baf0eec863f316321b7bb34bc3f1005723d07dd7124abc7c0d3b7617f

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
328
cf-request-id
0a61ac0a5e00004dca12a7d000000001
x-function
153
last-modified
Mon, 22 Mar 2021 08:13:58 GMT
server
cloudflare
x-reuse-index
44
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
657c7c56fc354dca-FRA
expires
Sun, 29 Aug 2021 01:38:57 GMT
dpixel
cms.quantserve.com/ Frame BC9F 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGk8iJ3Crwd9F2jLd_bkCfQ&google_cver=1&google_push=AQvitULergG1CuRNZQyN29VQKSL1vwUVrh27ZyqmdXXtltFHUNh3A9vRpjM7wM4wSC56Kbl9f-WnZ1P_CinyFr-5MWsd_tL_k2o61A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC9F
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUK4Qh30cZQE7tmgdkIiTCqqpRZ_v1-KRMHCh0E...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUxRQE1RQUFBVjY0MXllWQ&google_push=AQvitUK4Qh30cZQE7tmgdkIiTCqqpRZ_v1-KRMHCh0ErvLpjtrC7htFN2MTOcBz_8qsYsxwPMguo8_e_b7_cjAlk5raERMVo4kkU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUxRQE1RQUFBVjY0MXllWQ&google_push=AQvitUK4Qh30cZQE7tmgdkIiTCqqpRZ_v1-KRMHCh0ErvLpjtrC7htFN2MTOcBz_8qsYsxwPMguo8_e_b7_cjAlk5raERMVo4kkU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUxRQE1RQUFBVjY0MXllWQ&google_push=AQvitUK4Qh30cZQE7tmgdkIiTCqqpRZ_v1-KRMHCh0ErvLpjtrC7htFN2MTOcBz_8qsYsxwPMguo8_e_b7_cjAlk5raERMVo4kkU
Date
Mon, 31 May 2021 01:38:57 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame BC9F
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKXCIoQxmpymuYIQyOCpAAo&google_cver=1&google_push=AQvitUKibO_oH7aUw19zRffWMx4UXtqzpYichBUWdryPU7mU5uXpvgFdvqmJjjzd1sOvB38-sye5tgjDGzh8q9664T_eMRax9Ts8BA
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKibO_oH7aUw19zRffWMx4UXtqzpYichBUWdryPU7mU5uXpvgFdvqmJjjzd1sOvB38-sye5tgjDGzh8q9664T_eMRax9Ts8BA&google_hm=Q0FFU0VLWENJb1F4bXB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKibO_oH7aUw19zRffWMx4UXtqzpYichBUWdryPU7mU5uXpvgFdvqmJjjzd1sOvB38-sye5tgjDGzh8q9664T_eMRax9Ts8BA&google_hm=Q0FFU0VLWENJb1F4bXB5bXVZSVF5T0NwQUFv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:57 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKibO_oH7aUw19zRffWMx4UXtqzpYichBUWdryPU7mU5uXpvgFdvqmJjjzd1sOvB38-sye5tgjDGzh8q9664T_eMRax9Ts8BA&google_hm=Q0FFU0VLWENJb1F4bXB5bXVZSVF5T0NwQUFv
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC9F
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJRXl6JuZCahTyWKcaN_vDpJjatT7Wqwo1jelPVdTBdcMVe8XgSFdxRu_FsrR8Sw7GDJTpQG1KhEdWAseFl-u82wOSIo55bDA&google_gid=CAESEIOSnnv3BtaDFInoBx9gYOo&g...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLH80IUGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVKUlhsNkp1WkNhaFR5V0tjYU5fdkRwSmphdFQ3V3F3bzFqZWxQVmRUQmRjTVZlOFhnU0ZkeFJ1X0ZzclI4U3c3R0RKVHBRRzFLaEVkV0FzZU...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZEVHM3RkWDA5X3RfU2plVXZvaTBFNGlFZXQ4V2x1WEgyR0hKM0p5UUpHZw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZEVHM3RkWDA5X3RfU2plVXZvaTBFNGlFZXQ4V2x1WEgyR0hKM0p5UUpHZw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 31 May 2021 01:38:57 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZEVHM3RkWDA5X3RfU2plVXZvaTBFNGlFZXQ4V2x1WEgyR0hKM0p5UUpHZw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame BC9F
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKW9rF9aBkYoEIvF6yzAmsQ&google_cver=1&google_push=AQvitUKlI_iK3cZ1t872lpCPwpMSon2jLHANZmCZjz1nQ58THtLylJ-0BkGyEyeM8iqXCQXD1huxdf9EigNVmavyvonFXrYmRCzrfg
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKW9rF9aBkYoEIvF6yzAmsQ&google_cver=1&google_push=AQvitUKlI_iK3cZ1t872lpCPwpMSon2jLHANZmCZjz1nQ58THtLylJ-0BkGyEyeM8iqXCQXD1huxdf9EigNVmavyvonFXrYmRCzrf...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKlI_iK3cZ1t872lpCPwpMSon2jLHANZmCZjz1nQ58THtLylJ-0BkGyEyeM8iqXCQXD1huxdf9EigNVmavyvonFXrYmRCzrfg&google_hm=Sp8Sb5s8y0cTrGhAKyuzrA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKlI_iK3cZ1t872lpCPwpMSon2jLHANZmCZjz1nQ58THtLylJ-0BkGyEyeM8iqXCQXD1huxdf9EigNVmavyvonFXrYmRCzrfg&google_hm=Sp8Sb5s8y0cTrGhAKyuzrA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:57 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKlI_iK3cZ1t872lpCPwpMSon2jLHANZmCZjz1nQ58THtLylJ-0BkGyEyeM8iqXCQXD1huxdf9EigNVmavyvonFXrYmRCzrfg&google_hm=Sp8Sb5s8y0cTrGhAKyuzrA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
ektvqp2rjdqdef12ndu1kukv5t9gc7ne
pixel
cm.g.doubleclick.net/ Frame BC9F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_push=AQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoq...
0
0
trk
ag.innovid.com/ Frame BC9F 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHBFUy934at8yhcAEV85xPE&google_cver=1&google_push=AQvitUK3qNHu3TBH1RAbzNj9oO4xfnJLdD9AkpdSXSf3b0giCj-lI2OxrwYcHLJLzP5QPdamHkc444huAxsz4HGB0Ont5blZHOQ2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:5af6:b07b:462f:23c8 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:57 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame BC9F 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlqkHDycPN6VSOf6Q9VtBrYkUwt9keQxVIz5owpwiAu0Nm_RB4h8XepQ6aVM-WeFxAnQNE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3076479851646180&output=html&h=90&slotname=4405952550&adk=3016797356&adf=3173046724&pi=t.ma~as.4405952550&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425136900&bpp=2&bdt=161&idt=140&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52%3AT%3D1622425135%3AS%3DALNI_MbVqWJ3f7peQpcHPhPFVz8shG4Qpg&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=667000439&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=284&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2021982103&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=2749927025966008&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gnf5v5ppjjnm&fsb=1&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 1C22 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0aaa9914142534fa6c2ab10ce5eb0977d18578e58254df51e93ce6c844ed36e9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame D9AB 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1k6y18rzd9b8djxr3xn8vh4sq7eezrm2ny5hze0ffdm7fjvxnc41q697mada9y8zmnjpddfm7ch4rs9mabjwedpqrcg7tt0gn4j7qj6s98yhdtap639p9qntcy0d22016nzh653qecdcq4k8m18f3rr0smkr88sxkppvczy4drdcdphs4z0a41p1tnq1b9sbvx0y05r8xtfvyw0g2yh49k383y536a4wn42qmax03yxk70esct13x0hw6fxpqh6t1evh8k9zbk2m3tjygwv2eq79nhg4j3mdbbzzpk6htf2vxr5v6at0wm55qrtv9kztv4zwpmfh2f23vqjbyk495rn9em06pb72a3gbksrb76158r5bq4h867mec000&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%26client%3Dca-pub-3076479851646180%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1k6y18rzd9b8djxr3xn8vh4sq7eezrm2ny5hze0ffdm7fjvxnc41q697mada9y8zmnjpddfm7ch4rs9mabjwedpqrcg7tt0gn4j7qj6s98yhdtap639p9qntcy0d22016nzh653qecdcq4k8m18f3rr0smkr88sxkppvczy4drdcdphs4z0a41p1tnq1b9sbvx0y05r8xtfvyw0g2yh49k383y536a4wn42qmax03yxk70esct13x0hw6fxpqh6t1evh8k9zbk2m3tjygwv2eq79nhg4j3mdbbzzpk6htf2vxr5v6at0wm55qrtv9kztv4zwpmfh2f23vqjbyk495rn9em06pb72a3gbksrb76158r5bq4h867mec000&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%26client%3Dca-pub-3076479851646180%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Mon, 31 May 2021 01:38:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5978390
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58969
cf-request-id
0a61ac0a840000c26d4ab44000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1E68e4ZGjHmecgB3QJWi6msvCuSJS%2BnkArLkGZU%2BmyJQ3A2PZy8RXookJh5HG7S7yIDyxKS29sH1iCpmlXrSgM0RVUas4Wap9hwL9%2Fox5HexL4PgqT3tY97ET%2FsV%2BWzc"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
657c7c5739e5c26d-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame D9AB 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1k6y18rzd9b8djxr3xn8vh4sq7eezrm2ny5hze0ffdm7fjvxnc41q697mada9y8zmnjpddfm7ch4rs9mabjwedpqrcg7tt0gn4j7qj6s98yhdtap639p9qntcy0d22016nzh653qecdcq4k8m18f3rr0smkr88sxkppvczy4drdcdphs4z0a41p1tnq1b9sbvx0y05r8xtfvyw0g2yh49k383y536a4wn42qmax03yxk70esct13x0hw6fxpqh6t1evh8k9zbk2m3tjygwv2eq79nhg4j3mdbbzzpk6htf2vxr5v6at0wm55qrtv9kztv4zwpmfh2f23vqjbyk495rn9em06pb72a3gbksrb76158r5bq4h867mec000&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%26client%3Dca-pub-3076479851646180%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1k6y18rzd9b8djxr3xn8vh4sq7eezrm2ny5hze0ffdm7fjvxnc41q697mada9y8zmnjpddfm7ch4rs9mabjwedpqrcg7tt0gn4j7qj6s98yhdtap639p9qntcy0d22016nzh653qecdcq4k8m18f3rr0smkr88sxkppvczy4drdcdphs4z0a41p1tnq1b9sbvx0y05r8xtfvyw0g2yh49k383y536a4wn42qmax03yxk70esct13x0hw6fxpqh6t1evh8k9zbk2m3tjygwv2eq79nhg4j3mdbbzzpk6htf2vxr5v6at0wm55qrtv9kztv4zwpmfh2f23vqjbyk495rn9em06pb72a3gbksrb76158r5bq4h867mec000&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%26client%3Dca-pub-3076479851646180%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
29594
x-guploader-uploadid
ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a61ac0a840000c26d2405b000000001
last-modified
Thu, 06 May 2021 17:25:03 GMT
server
cloudflare
etag
W/"3b814633f8af4ea4642e44435db55b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0Z%2F2SJi759Fd3FWhIHphj5zOCwqeYDGW01D%2B3Dky0oiPxmDbKqEwHLP3GyHg0nIzrWx6oIXL81ELnMFD1EbyZgN%2F9EVLt6P9%2FKI8bNfEOUioYGi72bYej3M2SycvAi7c"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321903630655
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12034
cf-ray
657c7c5739e7c26d-FRA
expires
Sun, 30 May 2021 17:25:43 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D9AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
frame.html
ad4m.at/ Frame A0FF 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1k6y18rzd9b8djxr3xn8vh4sq7eezrm2ny5hze0ffdm7fjvxnc41q697mada9y8zmnjpddfm7ch4rs9mabjwedpqrcg7tt0gn4j7qj6s98yhdtap639p9qntcy0d22016nzh653qecdcq4k8m18f3rr0smkr88sxkppvczy4drdcdphs4z0a41p1tnq1b9sbvx0y05r8xtfvyw0g2yh49k383y536a4wn42qmax03yxk70esct13x0hw6fxpqh6t1evh8k9zbk2m3tjygwv2eq79nhg4j3mdbbzzpk6htf2vxr5v6at0wm55qrtv9kztv4zwpmfh2f23vqjbyk495rn9em06pb72a3gbksrb76158r5bq4h867mec000&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%26client%3Dca-pub-3076479851646180%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1k6y18rzd9b8djxr3xn8vh4sq7eezrm2ny5hze0ffdm7fjvxnc41q697mada9y8zmnjpddfm7ch4rs9mabjwedpqrcg7tt0gn4j7qj6s98yhdtap639p9qntcy0d22016nzh653qecdcq4k8m18f3rr0smkr88sxkppvczy4drdcdphs4z0a41p1tnq1b9sbvx0y05r8xtfvyw0g2yh49k383y536a4wn42qmax03yxk70esct13x0hw6fxpqh6t1evh8k9zbk2m3tjygwv2eq79nhg4j3mdbbzzpk6htf2vxr5v6at0wm55qrtv9kztv4zwpmfh2f23vqjbyk495rn9em06pb72a3gbksrb76158r5bq4h867mec000&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%26client%3Dca-pub-3076479851646180%26adurl%3D

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Mon, 31 May 2021 02:38:57 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
621781
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a61ac0ab00000c26d4ab45000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p4sSMF88qz2numOzY%2FrVpH14Tu4lHXkbptUoC4vAtSzeqR04q2Wam4ItaNQ9ibUy9ZIe7%2BcuZQX54ltu9tQuohxRGE1pAcHX4m2vxl0P708nhOav4svUSMXaZbQxWwuT"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
657c7c577a11c26d-FRA
content-encoding
br
frame.html
ad4mat.net/ Frame 866F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=502:657c7c57ad0dbec4:FRA; path=/; expires=Mon, 31-May-21 01:39:27 GMT cf_use_ob=443; path=/; expires=Mon, 31-May-21 01:39:27 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
657c7c57ad0dbec4-FRA
server
cloudflare
view
securepubads.g.doubleclick.net/pcs/ Frame 5761 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvk_YzeV4mBNFFo87kSkYAunHABfw9VyHhuk610AJNhHKISTdRTj7jDOiBvo_2Mx_G0tfNgvXgAiz3tLHOdYr66FkjZrjptlpZpq40MZqp3VkplO2RzqsXSquH9TE-Mafemu_D-HTzDd4ua81QEcGD-zkpnukPg4feOs3uk9tOJwptyE5Yap1yG03SFJoq9dco9S0cOE3ciYp6C7sAuuzQbpEzCQFgtdvVh2PQEn3KC4j4AaZ62-aNEw2WISg59TFjZCQ3Vf3qSTwDot_wjvyfmZGCL6tT1JiQY1f_CwG-MfHUI7QzuVJTRoEwgHZGBOg&sai=AMfl-YTKDTrSHJNG6yEpoF7W8HSj7HPNegH5BUribIVPtiaHD9s1N5U3NKFsPG9yxvhsi28yWHwMIJkcRTbM1MMfM1IzAzI_RBHofcfdnKmDeUpXWQHH1Fc-XCr1eE_36sY&sig=Cg0ArKJSzJBWQ3yXGV15EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 May 2021 01:38:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5761 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96c54271a37e46dec962e4ccba5f2c2cb583ada48a4d87d79bdaf01017753170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8165
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5761 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3076479851646180&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:57 GMT
j.ad
s.tribalfusion.com/ Frame DD17 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=a6mneM4GYfUGB8VGbeRmYyYTYcRAXgrn&a=3&adContainerId=richmedia_4&rnd=5063336
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/DailyThanthicom/ROS/tags.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4565ffdee4abefba6e408c9ac766d95327d28e859c6714c24bed26c3301dbb7

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
846
cf-request-id
0a61ac0b0d00004dcaeb966000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
657c7c581d514dca-FRA
expires
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 0ABC 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48356
x-xss-protection
0
server
cafe
etag
3890051329819667200
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 01:38:57 GMT
p.media
s.tribalfusion.com/ Frame 61AD 		459 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a4mTR8prMZd0GnPYGnT1cnupTfU2bnPTrJZcWP34Rqr0ScYOPdbN1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O0HQZdmHTm3mrP4sjeUVJ8UcJiPP3oUHUTUUbY2U2pUqnvVE3iQEBHQGFLRravSdr7UcvP2FmtntAmYaTy3tbFSGjZa46JZamdiyTt77XbYcXrYf0TqoSFFAWFM4VdQ4mFfxRUrN1EFtXqJ5uZa4qvV&mediaDataID=2713736&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06c938258f2d43c3803130d9eaf3a8a231236a3d8a4c13cd17872a880f3fee4

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a4mTR8prMZd0GnPYGnT1cnupTfU2bnPTrJZcWP34Rqr0ScYOPdbN1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O0HQZdmHTm3mrP4sjeUVJ8UcJiPP3oUHUTUUbY2U2pUqnvVE3iQEBHQGFLRravSdr7UcvP2FmtntAmYaTy3tbFSGjZa46JZamdiyTt77XbYcXrYf0TqoSFFAWFM4VdQ4mFfxRUrN1EFtXqJ5uZa4qvV&mediaDataID=2713736&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=afnrIlmge0xousnA7fvCZcuPdbZculVnP9YlKUJ0ZaLGXxWnZbLeheoqZdgZd06EyOv2PwjK2NBtZb9TFBo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
5
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0b1200004dca0ebb2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c581d5c4dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame A8FD 		647 B
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a5mTR8VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmbjnRbbr1EQN4Ebl4q74naFFYFF7WHf0oPnLnG7pmW7D3T373d6n46nEpbQZb0sfXXVFYXGZbOpT742bYRWUJHVm75REvQQsYNQdUtYdjnT6vp3VUX0bQZaVmys5AvdQmBF3HZbrXWYAnt2v36rY4V36Vsv8VGMeR6FMTHJPWbB33rEnWEUvTTJlSTBZcTsZbvOrFO9Zc&mediaDataID=6719746&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b2aacda5fca45c16c798de5756e520603ff8b2f50d1ffd24ac9f8250abbc6e

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a5mTR8VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmbjnRbbr1EQN4Ebl4q74naFFYFF7WHf0oPnLnG7pmW7D3T373d6n46nEpbQZb0sfXXVFYXGZbOpT742bYRWUJHVm75REvQQsYNQdUtYdjnT6vp3VUX0bQZaVmys5AvdQmBF3HZbrXWYAnt2v36rY4V36Vsv8VGMeR6FMTHJPWbB33rEnWEUvTTJlSTBZcTsZbvOrFO9Zc&mediaDataID=6719746&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=afnrIlmge0xousnA7fvCZcuPdbZculVnP9YlKUJ0ZaLGXxWnZbLeheoqZdgZd06EyOv2PwjK2NBtZb9TFBo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
47
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0b1300004dcad3929000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c581d5d4dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 4336 		581 B
830 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a6mTR83sr7VcQcUsfkPAJxWdnPWbb32bauWaQpTaYaSTUHRG7JPburStY7WcrW2FqvotirXqew4tjFQVbZa46YIpHPNVHb80rfiXbYiXaApPbQZbTb3YWdMUnFQmRUfNYTQO5EUc2qr1oT7IXUBaWt7WoAvZbmVUrpWUG2TZbh5teN5PvZbprQEYcQUXGMT1cvxnavQ2rJQTUZbDWPv3Pq3QScZbMStUN2WbDMk1xIq&mediaDataID=6546596&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b5c402ad190166553b2223b2ce9705cef2c189f947dcb3b99999380660964b9

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a6mTR83sr7VcQcUsfkPAJxWdnPWbb32bauWaQpTaYaSTUHRG7JPburStY7WcrW2FqvotirXqew4tjFQVbZa46YIpHPNVHb80rfiXbYiXaApPbQZbTb3YWdMUnFQmRUfNYTQO5EUc2qr1oT7IXUBaWt7WoAvZbmVUrpWUG2TZbh5teN5PvZbprQEYcQUXGMT1cvxnavQ2rJQTUZbDWPv3Pq3QScZbMStUN2WbDMk1xIq&mediaDataID=6546596&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=afnrIlmge0xousnA7fvCZcuPdbZculVnP9YlKUJ0ZaLGXxWnZbLeheoqZdgZd06EyOv2PwjK2NBtZb9TFBo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
11
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0b1400004dcafa220000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c582d5e4dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 874F 		479 B
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a7mTR80GnQ1c341c7NpEjW5UZbUWrBGVAYTPTY1SV3sStBt0dJpVmbO3GvXXb3KVmuu2AU8P6MD4HFr0HQAntZaM4AJ13cY8TVJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQARbimPHMiVsnR2ryqodapYa2y3tYAPVrG2mQHotXtVWbh0rn71bUg1EqtRUJCTrZb4Tdr0mbJoPbZbN1EFy3TUlYEMfmvl7is&mediaDataID=9148826&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba48b71748bccc746a04e845f1baa4800cd7defe9fa29b9d546711cecc23a347

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a7mTR80GnQ1c341c7NpEjW5UZbUWrBGVAYTPTY1SV3sStBt0dJpVmbO3GvXXb3KVmuu2AU8P6MD4HFr0HQAntZaM4AJ13cY8TVJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQARbimPHMiVsnR2ryqodapYa2y3tYAPVrG2mQHotXtVWbh0rn71bUg1EqtRUJCTrZb4Tdr0mbJoPbZbN1EFy3TUlYEMfmvl7is&mediaDataID=9148826&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=afnrIlmge0xousnA7fvCZcuPdbZculVnP9YlKUJ0ZaLGXxWnZbLeheoqZdgZd06EyOv2PwjK2NBtZb9TFBo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
2
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0b1500004dcaf51b7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c582d5f4dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 14A1 		509 B
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a8mTR80bnb1UBgXqanRrMEWUZbYWWr3nFfxPFJq1qUt3TBc5qQYmEMEXFjaUtjPoAMDpVvmoHfA5TFh3d6N5PfJmUjG0V3RYsFT1svNpTZbP5U32Wr7FVm33Qqb0ScQMQdBs1dvwTmnw4s3UYrYZcVAmr2P3aQmJF3Hnm1HBKpdEo5mBR3sYgVVUbUsFlSmFuUWFRTUn35r6rWarmVanlSTBFQVQJWUaCnxpZd2p&mediaDataID=8039566&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99f9f022ce88d23a3e7e86bfc85afcd516e8fc8c0019cf26b4bd83cff0858c24

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a8mTR80bnb1UBgXqanRrMEWUZbYWWr3nFfxPFJq1qUt3TBc5qQYmEMEXFjaUtjPoAMDpVvmoHfA5TFh3d6N5PfJmUjG0V3RYsFT1svNpTZbP5U32Wr7FVm33Qqb0ScQMQdBs1dvwTmnw4s3UYrYZcVAmr2P3aQmJF3Hnm1HBKpdEo5mBR3sYgVVUbUsFlSmFuUWFRTUn35r6rWarmVanlSTBFQVQJWUaCnxpZd2p&mediaDataID=8039566&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=afnrIlmge0xousnA7fvCZcuPdbZculVnP9YlKUJ0ZaLGXxWnZbLeheoqZdgZd06EyOv2PwjK2NBtZb9TFBo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
1
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0b1600004dca0b820000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c582d614dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 47EC 		413 B
727 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a9mTR8VcQcUcbfSmZbvUdQTWrJ55ramVEUvVErbSaQZcQVFAQbIoRW76Vc3R4rmood6M0amv2dbGSVMG46YHotIpUtYf0r3cYrY71TqoPbMDWUYSVtB1mUfoQbrr1EYy5EBd4q7PoEfB1rJfTdfUomrZcpGnspW3G2Tnk2dmq3A7GnbbZd0G30XGUY1G7vmqvT3bFSWbMDUP3YPTMXQVrMStUrYtvpQAvIN2LG6Za&mediaDataID=6347136&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50a10bf2f804ce11fd057f47a500ff9ffba2c0bd44f7ab938cbf808cee2df614

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a9mTR8VcQcUcbfSmZbvUdQTWrJ55ramVEUvVErbSaQZcQVFAQbIoRW76Vc3R4rmood6M0amv2dbGSVMG46YHotIpUtYf0r3cYrY71TqoPbMDWUYSVtB1mUfoQbrr1EYy5EBd4q7PoEfB1rJfTdfUomrZcpGnspW3G2Tnk2dmq3A7GnbbZd0G30XGUY1G7vmqvT3bFSWbMDUP3YPTMXQVrMStUrYtvpQAvIN2LG6Za&mediaDataID=6347136&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=afnrIlmge0xousnA7fvCZcuPdbZculVnP9YlKUJ0ZaLGXxWnZbLeheoqZdgZd06EyOv2PwjK2NBtZb9TFBo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
24
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0b1700004dca2206c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c582d654dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 10B6 		475 B
772 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aamTR81c33XG7wpE7W3UUUTFFDVAU4QE3QQsntSHFNYtjwWmUu2cBYYbrZcTAyo2PYgRmbA2WZbsXHJKntZao5mQV4VbeVsMbWcM6S6FMWdnSWrbP2UAoWTQrWaJaST3FSGFBPbuxPWrbUVv55bqsoWem0quO3tQAPVJD56JZbmdAyTHQ60b3kXr7h0TyrSFJHUbB2WWF0objsPFjtYqMy3TUa2a7Ytq7pNYA3KA&mediaDataID=6530936&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3dc81463d28ff87ef6db31a66984c0546c7528d6af87e349cd8b2e69cd75071

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aamTR81c33XG7wpE7W3UUUTFFDVAU4QE3QQsntSHFNYtjwWmUu2cBYYbrZcTAyo2PYgRmbA2WZbsXHJKntZao5mQV4VbeVsMbWcM6S6FMWdnSWrbP2UAoWTQrWaJaST3FSGFBPbuxPWrbUVv55bqsoWem0quO3tQAPVJD56JZbmdAyTHQ60b3kXr7h0TyrSFJHUbB2WWF0objsPFjtYqMy3TUa2a7Ytq7pNYA3KA&mediaDataID=6530936&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=afnrIlmge0xousnA7fvCZcuPdbZculVnP9YlKUJ0ZaLGXxWnZbLeheoqZdgZd06EyOv2PwjK2NBtZb9TFBo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
14
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0b1900004dca36231000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c582d684dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame A121 		401 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=abmTR81UBeXaiqPrYAWFZb0Ttv1obbrPFZbNYTvs3aFl2arPnEZbDYbUbTtFUmmvIpGrumWnD3EZbe5duq5PfGnbrLYc7X1sn41svpmavQ5UnRTFfZcVmr2RqU3PVZbsStJr1djxVmbn4cU20UQDUPut26QdR6jG3Hvm1HMZdmt2u36YY5cj7VcMjVcJlSAvmTHFWUFM52FPrUaQqVEQcQavFQVQCRruoUdMWyiIXNj&mediaDataID=7665496&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa6689b1e50b7b7bef756a69b61cf86aa19c9d0b11ba6fff2c4db76a5f70eee

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=abmTR81UBeXaiqPrYAWFZb0Ttv1obbrPFZbNYTvs3aFl2arPnEZbDYbUbTtFUmmvIpGrumWnD3EZbe5duq5PfGnbrLYc7X1sn41svpmavQ5UnRTFfZcVmr2RqU3PVZbsStJr1djxVmbn4cU20UQDUPut26QdR6jG3Hvm1HMZdmt2u36YY5cj7VcMjVcJlSAvmTHFWUFM52FPrUaQqVEQcQavFQVQCRruoUdMWyiIXNj&mediaDataID=7665496&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=afnrIlmge0xousnA7fvCZcuPdbZculVnP9YlKUJ0ZaLGXxWnZbLeheoqZdgZd06EyOv2PwjK2NBtZb9TFBo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
83
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0b1a00004dcaf789c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c582d694dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 7134 		524 B
807 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=acmTR8UcbfPP3wUdMPTbnY5barWaMmWEnlQEMZdQcBJRrixSWQdWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTHBaYF7i1Fjh1qqOSUJCWUr3TtQWmr7oQrjqXqFt3TJa4qrQmEMK1bB6WH7Xn6MZapsMrmHvF2Tvk2dZan4PvZaprMEXVfQ1cnV1VFvmqFW2rFVVrnBV6jYRTY2QsUqQHjrYtvuT6bu1V3kOuOycQ&mediaDataID=5436426&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=aFmneMVEYwWqB6PqYZdSsZbZa2GaCRAXIAg&a=1&adContainerId=richmedia_2&rnd=5058001
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de2a7f6d0a25415d7065e9473e0152d17639d2b4cc9e630ec456cc5503886fcf

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=acmTR8UcbfPP3wUdMPTbnY5barWaMmWEnlQEMZdQcBJRrixSWQdWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTHBaYF7i1Fjh1qqOSUJCWUr3TtQWmr7oQrjqXqFt3TJa4qrQmEMK1bB6WH7Xn6MZapsMrmHvF2Tvk2dZan4PvZaprMEXVfQ1cnV1VFvmqFW2rFVVrnBV6jYRTY2QsUqQHjrYtvuT6bu1V3kOuOycQ&mediaDataID=5436426&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=afnrIlmge0xousnA7fvCZcuPdbZculVnP9YlKUJ0ZaLGXxWnZbLeheoqZdgZd06EyOv2PwjK2NBtZb9TFBo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
1
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0b1b00004dcad2801000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c582d6d4dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame 0ABC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71f79e9a0ba2168a40392fde46e32cc3d042f8f910a6ca881cdebdefb25667f4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame C79D 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 22:29:49 GMT
expires
Mon, 30 May 2022 22:29:49 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11348
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5911 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6675951ceddcb0ffc137886e2c535a89a61c6fb0750fbec273e0c27094ef48e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u+6cy0w+hU9GFiyhMDFD6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

expires
Mon, 31 May 2021 01:38:57 GMT
date
Mon, 31 May 2021 01:38:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-u+6cy0w+hU9GFiyhMDFD6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ Frame 0ABC 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87658
x-xss-protection
0
server
cafe
etag
5316214545020586774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 01:38:57 GMT
NotToServe
adgebra.co.in/AdServing/ 		0
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/AdServing/NotToServe?p1=2&p3=901&p4=https://www.dailythanthi.com/&p5=0&p6=12
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/Spike/spike.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache
cf-ray
657c7c58883d4e56-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
cf-request-id
0a61ac0b5300004e563bb42000000001
expires
Mon, 31 May 2021 01:38:57 GMT
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame C79D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 19:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
20470
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 19:57:48 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 0ABC 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.dailythanthi.com&callback=_gfp_s_&client=ca-pub-5529888893498232&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 0ABC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0ABC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 03D7 		63 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=90&slotname=9500074323&adk=2706232591&adf=711894563&pi=t.ma~as.9500074323&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425137977&bpp=2&bdt=1184&idt=54&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=432242036&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1329&biw=1600&bih=1200&isw=728&ish=90&ifk=2434894727&scr_x=0&scr_y=0&eid=31060930%2C31060840%2C44740386%2C44743002&oid=3&pvsid=1815453050058392&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umrugwbk180e&btvi=1&fsb=1&dtd=65
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffeb800501341f13f449958cfec604cc8b5135cc888ecebb44b23932df956a3e
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIS5ndDk8vACFQ_zdwodJlkEpw&gqi=Mj60YIuHA4nWgAfOsrfIDQ&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5529888893498232&output=html&h=90&slotname=9500074323&adk=2706232591&adf=711894563&pi=t.ma~as.9500074323&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425137977&bpp=2&bdt=1184&idt=54&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=432242036&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1329&biw=1600&bih=1200&isw=728&ish=90&ifk=2434894727&scr_x=0&scr_y=0&eid=31060930%2C31060840%2C44740386%2C44743002&oid=3&pvsid=1815453050058392&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umrugwbk180e&btvi=1&fsb=1&dtd=65
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkpb83zOUNZR_A1uJwRoRp-LpvtqLHREhRZ2A8Mn8Q2HMByfARbRsC2fzyRIag; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIS5ndDk8vACFQ_zdwodJlkEpw&gqi=Mj60YIuHA4nWgAfOsrfIDQ&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 31 May 2021 01:38:58 GMT
server
cafe
content-length
22722
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 0ABC 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C802 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWSEeoY_3mXceaXELts0fbegbRr4sCmwKI82xA13GviMuzDXSrRbWrQdYwQxNlhXKWFrdy8LxewKhTNw9XtSveUuZczIL2y9yg7HIUUeHeJ6WW4eyFjGpEfTvtMg&sai=AMfl-YTjw_cuG3LKeT3jkQJyzJzD2JSDGzWQBSb9aRJApMCCp6sDdFx97ysp6rxacLbQDBfX6HoKD6XrNqQa5nVT7xxROyo1d5uVpGYhRUM8m8hYXQ24QwmuPVxh6rBTW-U&sig=Cg0ArKJSzJIi1L-76QgCEAE&cid=CAASPeRoRwB0s-9aOwHtEeFaqId7kBR86dd7qBdlHcYTnEFixzSgDClRE-k4Wkp5hJMbzPXmsXctyz3RUm14sPw&id=ampim&o=1075,467&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=93&tls=1093&g=100&h=100&tt=1093&r=v&avms=ampa&adk=4163065833
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5D3F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTFp-sU1C2gETvHIrRFurhD6OlbI6zBH_kSerGOwhPH6Dn4nNICnPn77pmdaqskWjHkmTeCivZtbOydGuFV7uPEHgLfXsdx-ZfZZ7v_1ziMrXZRvIX4SDeOFS1df1BVn1s8cMKUj3dH0-wtv_zwQ_U&sai=AMfl-YSLFrQTGqhwjAu4QyngU7ziXoZYk3iLI4Su9PRwc5qLIROWQem8OABn9IYZ8I5WInYDSDnc5we5HBAAXwfdwU9xOH6Hd_CeC_3k6y031WnCQhWNhz6hwgETDihs&sig=Cg0ArKJSzDx6LYh5dNxkEAE&cid=CAASPeRobGD_cKM2Wie86ETv6mqqBKDrrVZmGawnztlpPc_B0fRURIGzek2fJMtE1hPPpgAmR6IR85komLKtvag&id=ampim&o=1277,1147&d=320,50&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=50&tls=1056&g=100&h=100&tt=1057&r=v&avms=ampa&adk=1696703067
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame DD17 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=a6mneM4GYfUGB8VGbeRmYyYTYcRAXgrn&a=3&adContainerId=richmedia_4&rnd=5063336
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48356
x-xss-protection
0
server
cafe
etag
3890051329819667200
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 01:38:58 GMT
p.media
s.tribalfusion.com/ Frame 0B0D 		502 B
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbO1WZbpW63w4srWYbFIT6Tw4An8RPjB4WYM1HnLnt2N4PvT5GM9Vc3lUsbeRPFxWtZbWUbjP3rZatVqnoVaQcPTBHRcQZbRrZatPHviVcvS4FTqnWqq0qqp2tnZaQVrZc263ZcmdEyUtFc0Ur71UJl1qAoSrrCTFBYTtQWmbQmRUBNXaJt4Tff5E7XmaMHXUYaWWBUmPnInsYwmHfJ5EZbg0WiFOhXhP2&mediaDataID=6807466&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=a6mneM4GYfUGB8VGbeRmYyYTYcRAXgrn&a=3&adContainerId=richmedia_4&rnd=5063336
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e30981f7343ffb515df3b0cf0f1beaf42d5e4237caff00e22d3cc71ac2698f

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aJmTR8ScUsStZbO1WZbpW63w4srWYbFIT6Tw4An8RPjB4WYM1HnLnt2N4PvT5GM9Vc3lUsbeRPFxWtZbWUbjP3rZatVqnoVaQcPTBHRcQZbRrZatPHviVcvS4FTqnWqq0qqp2tnZaQVrZc263ZcmdEyUtFc0Ur71UJl1qAoSrrCTFBYTtQWmbQmRUBNXaJt4Tff5E7XmaMHXUYaWWBUmPnInsYwmHfJ5EZbg0WiFOhXhP2&mediaDataID=6807466&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=amnsmAy4Zaw4BA9MAJTn6lXtS7s5MNapmn9EHUv3Egqr6DkMTt5U9oAyEngPqv4OWcyKsx4Xmge80
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
6
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0bc900004dca2b0e0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c594ec04dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 9CEB 		442 B
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aKmTR81E3t3TZbl4avQoaJB1rf7UdZb0nAQBnV3mmtvC5EY92dAr5PvKmF3JXsvS1cQTXV7xnTvW5FZbVVU7ZcWPn1QEv0QVUqSHUt0HvtT6QM4sYUXUYZbV6qt56Zb9R67K2HYy0HBCptIx363Y4VvdVVU8UcjkSAnMTtvRTbM05bEuWajoTTMlPa3LRsBAQUupRt79VsfR2U2smtisXEPp4dbZdSGrHYPUyyNjQHf&mediaDataID=4056396&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=dailythanthicom&adSpace=ros&center=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Fwww.dailythanthi.com%2F&f=1&p=5060307&tKey=a6mneM4GYfUGB8VGbeRmYyYTYcRAXgrn&a=3&adContainerId=richmedia_4&rnd=5063336
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8289c3974ca954c234c560d7176ba3679afe76f0a65f1adf63503adb15351951

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aKmTR81E3t3TZbl4avQoaJB1rf7UdZb0nAQBnV3mmtvC5EY92dAr5PvKmF3JXsvS1cQTXV7xnTvW5FZbVVU7ZcWPn1QEv0QVUqSHUt0HvtT6QM4sYUXUYZbV6qt56Zb9R67K2HYy0HBCptIx363Y4VvdVVU8UcjkSAnMTtvRTbM05bEuWajoTTMlPa3LRsBAQUupRt79VsfR2U2smtisXEPp4dbZdSGrHYPUyyNjQHf&mediaDataID=4056396&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=amnsmAy4Zaw4BA9MAJTn6lXtS7s5MNapmn9EHUv3Egqr6DkMTt5U9oAyEngPqv4OWcyKsx4Xmge80
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
48
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
0a61ac0bca00004dca0ebba000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c594ec34dca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame DD17 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7bed59fa65bab09685c68630bcb0a298c1d572dbaf35f308b77cded7a59b7e1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
beacon.min.js
static.cloudflareinsights.com/ Frame 61AD 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a4mTR8prMZd0GnPYGnT1cnupTfU2bnPTrJZcWP34Rqr0ScYOPdbN1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O0HQZdmHTm3mrP4sjeUVJ8UcJiPP3oUHUTUUbY2U2pUqnvVE3iQEBHQGFLRravSdr7UcvP2FmtntAmYaTy3tbFSGjZa46JZamdiyTt77XbYcXrYf0TqoSFFAWFM4VdQ4mFfxRUrN1EFtXqJ5uZa4qvV&mediaDataID=2713736&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c598d154ecd-FRA
cf-request-id
0a61ac0bf900004ecd2c396000000001
i.match
a.tribalfusion.com/ Frame 61AD
Redirect Chain
  • https://tags.bluekai.com/site/4229?id=18072662184062536680&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
  • https://a.tribalfusion.com/i.match?p=b3&u=OKiyJQ9999YlngHQ
43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b3&u=OKiyJQ9999YlngHQ
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a4mTR8prMZd0GnPYGnT1cnupTfU2bnPTrJZcWP34Rqr0ScYOPdbN1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O0HQZdmHTm3mrP4sjeUVJ8UcJiPP3oUHUTUUbY2U2pUqnvVE3iQEBHQGFLRravSdr7UcvP2FmtntAmYaTy3tbFSGjZa46JZamdiyTt77XbYcXrYf0TqoSFFAWFM4VdQ4mFfxRUrN1EFtXqJ5uZa4qvV&mediaDataID=2713736&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c5a7dce4e6d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a61ac0c8c00004e6dc7a33000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://a.tribalfusion.com/i.match?p=b3&u=OKiyJQ9999YlngHQ
Date
Mon, 31 May 2021 01:38:58 GMT
Connection
keep-alive
Content-Length
0
BK-Server
a93c
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
beacon.min.js
static.cloudflareinsights.com/ Frame 874F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a7mTR80GnQ1c341c7NpEjW5UZbUWrBGVAYTPTY1SV3sStBt0dJpVmbO3GvXXb3KVmuu2AU8P6MD4HFr0HQAntZaM4AJ13cY8TVJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQARbimPHMiVsnR2ryqodapYa2y3tYAPVrG2mQHotXtVWbh0rn71bUg1EqtRUJCTrZb4Tdr0mbJoPbZbN1EFy3TUlYEMfmvl7is&mediaDataID=9148826&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c598d174ecd-FRA
cf-request-id
0a61ac0bf900004ecd759f2000000001
i.match
a.tribalfusion.com/ Frame 874F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662184062536680&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662184062536680&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=f7e16a86-c1b0-11e...
  • https://a.tribalfusion.com/i.match?p=b19&u=f7e16a12-c1b0-11eb-8848-14e583300306
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b19&u=f7e16a12-c1b0-11eb-8848-14e583300306
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a7mTR80GnQ1c341c7NpEjW5UZbUWrBGVAYTPTY1SV3sStBt0dJpVmbO3GvXXb3KVmuu2AU8P6MD4HFr0HQAntZaM4AJ13cY8TVJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQARbimPHMiVsnR2ryqodapYa2y3tYAPVrG2mQHotXtVWbh0rn71bUg1EqtRUJCTrZb4Tdr0mbJoPbZbN1EFy3TUlYEMfmvl7is&mediaDataID=9148826&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c5a1d6c4e6d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a61ac0c4f00004e6ddf0a2000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 31 May 2021 01:38:58 GMT
Server
nginx
Location
https://a.tribalfusion.com/i.match?p=b19&u=f7e16a12-c1b0-11eb-8848-14e583300306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
129
Connection
keep-alive
Content-Length
43
beacon.min.js
static.cloudflareinsights.com/ Frame A8FD 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a5mTR8VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmbjnRbbr1EQN4Ebl4q74naFFYFF7WHf0oPnLnG7pmW7D3T373d6n46nEpbQZb0sfXXVFYXGZbOpT742bYRWUJHVm75REvQQsYNQdUtYdjnT6vp3VUX0bQZaVmys5AvdQmBF3HZbrXWYAnt2v36rY4V36Vsv8VGMeR6FMTHJPWbB33rEnWEUvTTJlSTBZcTsZbvOrFO9Zc&mediaDataID=6719746&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c598d184ecd-FRA
cf-request-id
0a61ac0bf900004ecdd1243000000001
i.match
a.tribalfusion.com/ Frame A8FD
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621840...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621840...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662184062536680&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
  • https://a.tribalfusion.com/i.match?p=b11&u=33A20561-9671-4312-AAFA-7800C6761A6F
43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b11&u=33A20561-9671-4312-AAFA-7800C6761A6F
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a5mTR8VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmbjnRbbr1EQN4Ebl4q74naFFYFF7WHf0oPnLnG7pmW7D3T373d6n46nEpbQZb0sfXXVFYXGZbOpT742bYRWUJHVm75REvQQsYNQdUtYdjnT6vp3VUX0bQZaVmys5AvdQmBF3HZbrXWYAnt2v36rY4V36Vsv8VGMeR6FMTHJPWbB33rEnWEUvTTJlSTBZcTsZbvOrFO9Zc&mediaDataID=6719746&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c5a4da84e6d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a61ac0c7200004e6d2d8fa000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://a.tribalfusion.com/i.match?p=b11&u=33A20561-9671-4312-AAFA-7800C6761A6F
date
Mon, 31 May 2021 01:38:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:365
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
beacon.min.js
static.cloudflareinsights.com/ Frame 47EC 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a9mTR8VcQcUcbfSmZbvUdQTWrJ55ramVEUvVErbSaQZcQVFAQbIoRW76Vc3R4rmood6M0amv2dbGSVMG46YHotIpUtYf0r3cYrY71TqoPbMDWUYSVtB1mUfoQbrr1EYy5EBd4q7PoEfB1rJfTdfUomrZcpGnspW3G2Tnk2dmq3A7GnbbZd0G30XGUY1G7vmqvT3bFSWbMDUP3YPTMXQVrMStUrYtvpQAvIN2LG6Za&mediaDataID=6347136&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c598d194ecd-FRA
cf-request-id
0a61ac0bf900004ecd8b242000000001
i.match
a.tribalfusion.com/ Frame 47EC
Redirect Chain
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662184062536680&_origin=1&redir=true
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662184062536680&_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662184062536680&_origin=1&redir=true&apid=UPf7dea33b-c1b0-11eb-b90d-062e6c792732
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662184062536680&_origin=1&redir=true&apid=UPf7dea33b-c1b0-11eb-b90d-062e6c792732&verify=true
  • https://a.tribalfusion.com/i.match?p=b17&u=UPf7dea33b-c1b0-11eb-b90d-062e6c792732
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b17&u=UPf7dea33b-c1b0-11eb-b90d-062e6c792732
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a9mTR8VcQcUcbfSmZbvUdQTWrJ55ramVEUvVErbSaQZcQVFAQbIoRW76Vc3R4rmood6M0amv2dbGSVMG46YHotIpUtYf0r3cYrY71TqoPbMDWUYSVtB1mUfoQbrr1EYy5EBd4q7PoEfB1rJfTdfUomrZcpGnspW3G2Tnk2dmq3A7GnbbZd0G30XGUY1G7vmqvT3bFSWbMDUP3YPTMXQVrMStUrYtvpQAvIN2LG6Za&mediaDataID=6347136&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c5a7dc84e6d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a61ac0c8700004e6d38b80000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 31 May 2021 01:38:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://a.tribalfusion.com/i.match?p=b17&u=UPf7dea33b-c1b0-11eb-b90d-062e6c792732
Connection
keep-alive
Content-Length
0
beacon.min.js
static.cloudflareinsights.com/ Frame A121 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=abmTR81UBeXaiqPrYAWFZb0Ttv1obbrPFZbNYTvs3aFl2arPnEZbDYbUbTtFUmmvIpGrumWnD3EZbe5duq5PfGnbrLYc7X1sn41svpmavQ5UnRTFfZcVmr2RqU3PVZbsStJr1djxVmbn4cU20UQDUPut26QdR6jG3Hvm1HMZdmt2u36YY5cj7VcMjVcJlSAvmTHFWUFM52FPrUaQqVEQcQavFQVQCRruoUdMWyiIXNj&mediaDataID=7665496&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c598d1a4ecd-FRA
cf-request-id
0a61ac0bf900004ecdf8a20000000001
i.match
a.tribalfusion.com/ Frame A121
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662184062536680
  • https://a.tribalfusion.com/i.match?p=b23&u=266340603803000123763
43 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b23&u=266340603803000123763
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=abmTR81UBeXaiqPrYAWFZb0Ttv1obbrPFZbNYTvs3aFl2arPnEZbDYbUbTtFUmmvIpGrumWnD3EZbe5duq5PfGnbrLYc7X1sn41svpmavQ5UnRTFfZcVmr2RqU3PVZbsStJr1djxVmbn4cU20UQDUPut26QdR6jG3Hvm1HMZdmt2u36YY5cj7VcMjVcJlSAvmTHFWUFM52FPrUaQqVEQcQavFQVQCRruoUdMWyiIXNj&mediaDataID=7665496&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c59fd4f4e6d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a61ac0c3c00004e6dc7a31000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://a.tribalfusion.com/i.match?p=b23&u=266340603803000123763
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ Frame DD17 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87658
x-xss-protection
0
server
cafe
etag
5316214545020586774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 May 2021 01:38:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5761 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=2749927025966008&bg=!_f6l_rrNAAaMan2LjGo7ACkAdvg8WgI97Xifw2LzpTAU8_3gFUM3FJ0dyXu4mwxNk_1eh18Xq4iHPgIAAAB6UgAAABloAQcKAIeiSOuxISfmec_GMtMuF8KlVVXo6Axyu1VhcIYKyjxfInjlYxSZz7Ff-a1C3jmb_C1Cc-BPFawostuGpLARw-JAf-7a9fP5hdRMfsGIYlJvxmflQCqoo9tVE2_Ycje1LHLYJYarCtTYtYhNhMg7nXrvjhtopIrJJ86T5IaKiROJP21Pl4eRxS6ZAmYd7tZY02b3kuKj4LcuiWhfOINH5UB8ozeUKyOHJJCKkATWGIh_NfcnLuoCf32Iyb74hORfPmQQ2NtCM9LWZIrEDesTSzH-uZ6TA0eJJjjxLdHFQHLGDg6TItPXBSa3OjFO5nuTnKQvQx5VhFIQPEe6srxjS0C5CWzbVDAk1VdK-o3hyIoLmkiOHDKn6Ss0dA7xHyMA6B3rmQ69b_-qeJEJClJ_NJcm506XK1c2iBrXyedVKCJGUVxUthEiqcUPViZEiaAcO8QH8-YQEL31WXIuSkJqq993VSNtuDazPbW7JoiBc1W7e6VaLI1aNh8gjD9G0kcNSbWQeOOzplXt6xazw2SKcKpssJ1LwjQqYLa37OQr9fT7wrtL5NiLXGSDTIE10SnypXOZ2TA1Z-QnvyL6mm4mJ-VwYvbHFtn-BhsiSkhChgOtNUhgrUNUQk8a8G6tWL1WxWa9usKmN51iJDTk8Qez9cxLdfEYIgGpi5c5-yiKHLyPlU0fmzusP3WImoOGtPVvPmC5Q-TffDWuft8CVSrTrb2AvcrOEYaXRSWZpFISpBxCoJxGbu8dk0f0n5ywgq-Atxm57tAV3Jmyt-_v3-0dgempcmEyvPf_UJ3ADkchp4Mf3X7eiEGnG7mQY5_sy4MClczMYS8jgbvvcuqObnjvL5aYu-Qm8ijSrpPnqwoNbyYU_hAHxjuOWRoEMLup1Q2GIO5jDufwahoUzjzOwrKQ9BKSlz5uCklVjKuPY8Jk2OK2UB5V7JxHswb4EPJ4HT8x5B6O1oYEEKt1jHeAQwcDIIUzNpiBDB1UkT_YxE8uwH2apQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 01 Jun 2021 01:38:58 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame DD17 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.dailythanthi.com&callback=_gfp_s_&client=ca-pub-5529888893498232&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame DD17 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DD17 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailythanthi.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0F88 		72 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d732fb68e5633f33e404ac69aa8b488b6e41c4dd564dd8d9581d6f5db4ef1511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkpb83zOUNZR_A1uJwRoRp-LpvtqLHREhRZ2A8Mn8Q2HMByfARbRsC2fzyRIag; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 31 May 2021 01:38:58 GMT
server
cafe
content-length
26244
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame DD17 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:58 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 9CEB 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aKmTR81E3t3TZbl4avQoaJB1rf7UdZb0nAQBnV3mmtvC5EY92dAr5PvKmF3JXsvS1cQTXV7xnTvW5FZbVVU7ZcWPn1QEv0QVUqSHUt0HvtT6QM4sYUXUYZbV6qt56Zb9R67K2HYy0HBCptIx363Y4VvdVVU8UcjkSAnMTtvRTbM05bEuWajoTTMlPa3LRsBAQUupRt79VsfR2U2smtisXEPp4dbZdSGrHYPUyyNjQHf&mediaDataID=4056396&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c5a5de64ecd-FRA
cf-request-id
0a61ac0c7500004ecdadada000000001
i.match
a.tribalfusion.com/ Frame 9CEB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662184062536680
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEOfN2ZLGQHpODT7pNcRFrwE&google_cver=1&google_ula=2786954,0
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEOfN2ZLGQHpODT7pNcRFrwE&google_cver=1&google_ula=2786954,0
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aKmTR81E3t3TZbl4avQoaJB1rf7UdZb0nAQBnV3mmtvC5EY92dAr5PvKmF3JXsvS1cQTXV7xnTvW5FZbVVU7ZcWPn1QEv0QVUqSHUt0HvtT6QM4sYUXUYZbV6qt56Zb9R67K2HYy0HBCptIx363Y4VvdVVU8UcjkSAnMTtvRTbM05bEuWajoTTMlPa3LRsBAQUupRt79VsfR2U2smtisXEPp4dbZdSGrHYPUyyNjQHf&mediaDataID=4056396&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c5a7dc94e6d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a61ac0c8a00004e6dc49eb000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEOfN2ZLGQHpODT7pNcRFrwE&google_cver=1&google_ula=2786954,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 37C0 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailythanthi.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.dailythanthi.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1979
set-cookie
uid=2754428e-a53c-4135-871e-ceeb3469eece; expires=Tue, 31 May 2022 01:38:57 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Mon, 31 May 2021 01:38:58 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 01 Jun 2021 01:38:58 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 0B0D 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbO1WZbpW63w4srWYbFIT6Tw4An8RPjB4WYM1HnLnt2N4PvT5GM9Vc3lUsbeRPFxWtZbWUbjP3rZatVqnoVaQcPTBHRcQZbRrZatPHviVcvS4FTqnWqq0qqp2tnZaQVrZc263ZcmdEyUtFc0Ur71UJl1qAoSrrCTFBYTtQWmbQmRUBNXaJt4Tff5E7XmaMHXUYaWWBUmPnInsYwmHfJ5EZbg0WiFOhXhP2&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c5a7e274ecd-FRA
cf-request-id
0a61ac0c8800004ecdd5975000000001
usermatch.gif
beacon.krxd.net/ Frame 0B0D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662184062536680&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662184062536680
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662184062536680
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbO1WZbpW63w4srWYbFIT6Tw4An8RPjB4WYM1HnLnt2N4PvT5GM9Vc3lUsbeRPFxWtZbWUbjP3rZatVqnoVaQcPTBHRcQZbRrZatPHviVcvS4FTqnWqq0qqp2tnZaQVrZc263ZcmdEyUtFc0Ur71UJl1qAoSrrCTFBYTtQWmbQmRUBNXaJt4Tff5E7XmaMHXUYaWWBUmPnInsYwmHfJ5EZbg0WiFOhXhP2&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.232.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-232-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=72 t=1622425138
x-served-by
beacon-n013-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
9753
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c5a7dcb4e6d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662184062536680
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a61ac0c8800004e6dfd39a000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 03D7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=90&slotname=9500074323&adk=2706232591&adf=711894563&pi=t.ma~as.9500074323&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425137977&bpp=2&bdt=1184&idt=54&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=432242036&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1329&biw=1600&bih=1200&isw=728&ish=90&ifk=2434894727&scr_x=0&scr_y=0&eid=31060930%2C31060840%2C44740386%2C44743002&oid=3&pvsid=1815453050058392&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umrugwbk180e&btvi=1&fsb=1&dtd=65
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 01:35:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 03D7 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=90&slotname=9500074323&adk=2706232591&adf=711894563&pi=t.ma~as.9500074323&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425137977&bpp=2&bdt=1184&idt=54&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=432242036&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1329&biw=1600&bih=1200&isw=728&ish=90&ifk=2434894727&scr_x=0&scr_y=0&eid=31060930%2C31060840%2C44740386%2C44743002&oid=3&pvsid=1815453050058392&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umrugwbk180e&btvi=1&fsb=1&dtd=65
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 03D7 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=90&slotname=9500074323&adk=2706232591&adf=711894563&pi=t.ma~as.9500074323&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425137977&bpp=2&bdt=1184&idt=54&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=432242036&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1329&biw=1600&bih=1200&isw=728&ish=90&ifk=2434894727&scr_x=0&scr_y=0&eid=31060930%2C31060840%2C44740386%2C44743002&oid=3&pvsid=1815453050058392&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umrugwbk180e&btvi=1&fsb=1&dtd=65
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 01:31:49 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame EE76 		223 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=90&slotname=9500074323&adk=2706232591&adf=711894563&pi=t.ma~as.9500074323&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425137977&bpp=2&bdt=1184&idt=54&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=432242036&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1329&biw=1600&bih=1200&isw=728&ish=90&ifk=2434894727&scr_x=0&scr_y=0&eid=31060930%2C31060840%2C44740386%2C44743002&oid=3&pvsid=1815453050058392&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umrugwbk180e&btvi=1&fsb=1&dtd=65
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/17626451119355985920/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sun, 30 May 2021 01:33:21 GMT
expires
Mon, 30 May 2022 01:33:21 GMT
last-modified
Mon, 03 May 2021 14:21:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
38330
age
86737
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 03D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClCpJMj60YITYA4_m3wOmspG4CuW2js5i_8r3gfYN3NkeEAEgh-LvIWCVAqABlc_o8QPIAQmpAtrap-B8dLQ-qAMByAMCqgTOAU_QaswCmekEMsHnZKhFt3DW6Pkoan275hXgkKEluet1BsxaYDmg_bXbFuRuTOfa_8sscUupBWDkEeYfj1IIreX1SFZelwasrfR3u-hyk9SgTwEfKVfcya0NIZAgXc9fdrms4E8XW0coenITQ-4r0w5f1gw2h3px3DXo9u1xRCp8otN4ASMBtNZBH0ySTI4SjigSgYpzG5Kq71psCdbirXWIRhf-J23EglQq9vUpBJPIMc7GtMDwLabFS3Lm09A1Jichbx1t5d5qAumlXXIKwATarIXYywOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAH07CXDqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD9iQ7SCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGYFgGAFwGyFxoKGAgAEhRwdWItNTUyOTg4ODg5MzQ5ODIzMg&sigh=DTpRMFfgd9U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=90&slotname=9500074323&adk=2706232591&adf=711894563&pi=t.ma~as.9500074323&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425137977&bpp=2&bdt=1184&idt=54&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=432242036&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1329&biw=1600&bih=1200&isw=728&ish=90&ifk=2434894727&scr_x=0&scr_y=0&eid=31060930%2C31060840%2C44740386%2C44743002&oid=3&pvsid=1815453050058392&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umrugwbk180e&btvi=1&fsb=1&dtd=65
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=90&slotname=9500074323&adk=2706232591&adf=711894563&pi=t.ma~as.9500074323&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425137977&bpp=2&bdt=1184&idt=54&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=432242036&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1329&biw=1600&bih=1200&isw=728&ish=90&ifk=2434894727&scr_x=0&scr_y=0&eid=31060930%2C31060840%2C44740386%2C44743002&oid=3&pvsid=1815453050058392&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umrugwbk180e&btvi=1&fsb=1&dtd=65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 31 May 2021 01:38:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 03D7 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIS5ndDk8vACFQ_zdwodJlkEpw&gqi=Mj60YIuHA4nWgAfOsrfIDQ&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=90&slotname=9500074323&adk=2706232591&adf=711894563&pi=t.ma~as.9500074323&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425137977&bpp=2&bdt=1184&idt=54&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=2&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=432242036&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1329&biw=1600&bih=1200&isw=728&ish=90&ifk=2434894727&scr_x=0&scr_y=0&eid=31060930%2C31060840%2C44740386%2C44743002&oid=3&pvsid=1815453050058392&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umrugwbk180e&btvi=1&fsb=1&dtd=65
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame EE76 		2 KB
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 May 2021 00:15:32 GMT
server
ESF
date
Mon, 31 May 2021 01:38:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 May 2021 01:38:58 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EE76 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 03:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 31 May 2021 03:56:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EE76 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 18:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 31 May 2021 18:54:40 GMT
truncated
/ Frame 03D7 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18fd800875ed94f001d071fade3347ffc99922c70ba3245bf374cd95c2b2c065

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame EE76 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
344156
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:02 GMT
N0bU2SZBIuF2PU_0DXR1.woff2
fonts.gstatic.com/s/bungee/v6/ Frame EE76 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bungee/v6/N0bU2SZBIuF2PU_0DXR1.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:04:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 03:47:49 GMT
server
sffe
age
56086
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17268
x-xss-protection
0
expires
Mon, 30 May 2022 10:04:12 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame EE76 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 00:07:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
351060
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Fri, 27 May 2022 00:07:58 GMT
rum
s.tribalfusion.com/cdn-cgi/ Frame A121 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c582d694dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=abmTR81UBeXaiqPrYAWFZb0Ttv1obbrPFZbNYTvs3aFl2arPnEZbDYbUbTtFUmmvIpGrumWnD3EZbe5duq5PfGnbrLYc7X1sn41svpmavQ5UnRTFfZcVmr2RqU3PVZbsStJr1djxVmbn4cU20UQDUPut26QdR6jG3Hvm1HMZdmt2u36YY5cj7VcMjVcJlSAvmTHFWUFM52FPrUaQqVEQcQavFQVQCRruoUdMWyiIXNj&mediaDataID=7665496&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c5b391f4dca-FRA
vary
Origin
rum
s.tribalfusion.com/cdn-cgi/ Frame 874F 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c582d5f4dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=a7mTR80GnQ1c341c7NpEjW5UZbUWrBGVAYTPTY1SV3sStBt0dJpVmbO3GvXXb3KVmuu2AU8P6MD4HFr0HQAntZaM4AJ13cY8TVJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQARbimPHMiVsnR2ryqodapYa2y3tYAPVrG2mQHotXtVWbh0rn71bUg1EqtRUJCTrZb4Tdr0mbJoPbZbN1EFy3TUlYEMfmvl7is&mediaDataID=9148826&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c5b49264dca-FRA
vary
Origin
null-leasing-logo-final_white_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame EE76 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/null-leasing-logo-final_white_1.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
425508
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1738
x-xss-protection
0
last-modified
Mon, 03 May 2021 14:21:52 GMT
server
sffe
date
Wed, 26 May 2021 03:27:10 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 May 2022 03:27:10 GMT
autos_licht_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame EE76 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos_licht_1.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
425508
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5867
x-xss-protection
0
last-modified
Mon, 03 May 2021 14:21:52 GMT
server
sffe
date
Wed, 26 May 2021 03:27:10 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 May 2022 03:27:10 GMT
autos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame EE76 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos.png
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
425508
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49113
x-xss-protection
0
last-modified
Mon, 03 May 2021 14:21:52 GMT
server
sffe
date
Wed, 26 May 2021 03:27:10 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 May 2022 03:27:10 GMT
hintergrund_plain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame EE76 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/hintergrund_plain.jpg
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
425508
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30604
x-xss-protection
0
last-modified
Mon, 03 May 2021 14:21:52 GMT
server
sffe
date
Wed, 26 May 2021 03:27:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 May 2022 03:27:10 GMT
rum
s.tribalfusion.com/cdn-cgi/ Frame A8FD 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c581d5d4dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=a5mTR8VWJ60bnaYFjg1EIqPbMZcTrU2WHnWmbjnRbbr1EQN4Ebl4q74naFFYFF7WHf0oPnLnG7pmW7D3T373d6n46nEpbQZb0sfXXVFYXGZbOpT742bYRWUJHVm75REvQQsYNQdUtYdjnT6vp3VUX0bQZaVmys5AvdQmBF3HZbrXWYAnt2v36rY4V36Vsv8VGMeR6FMTHJPWbB33rEnWEUvTTJlSTBZcTsZbvOrFO9Zc&mediaDataID=6719746&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c5b694e4dca-FRA
vary
Origin
rum
s.tribalfusion.com/cdn-cgi/ Frame 47EC 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c582d654dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=a9mTR8VcQcUcbfSmZbvUdQTWrJ55ramVEUvVErbSaQZcQVFAQbIoRW76Vc3R4rmood6M0amv2dbGSVMG46YHotIpUtYf0r3cYrY71TqoPbMDWUYSVtB1mUfoQbrr1EYy5EBd4q7PoEfB1rJfTdfUomrZcpGnspW3G2Tnk2dmq3A7GnbbZd0G30XGUY1G7vmqvT3bFSWbMDUP3YPTMXQVrMStUrYtvpQAvIN2LG6Za&mediaDataID=6347136&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c5b89694dca-FRA
vary
Origin
beacon.min.js
static.cloudflareinsights.com/ Frame 4336 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a6mTR83sr7VcQcUsfkPAJxWdnPWbb32bauWaQpTaYaSTUHRG7JPburStY7WcrW2FqvotirXqew4tjFQVbZa46YIpHPNVHb80rfiXbYiXaApPbQZbTb3YWdMUnFQmRUfNYTQO5EUc2qr1oT7IXUBaWt7WoAvZbmVUrpWUG2TZbh5teN5PvZbprQEYcQUXGMT1cvxnavQ2rJQTUZbDWPv3Pq3QScZbMStUN2WbDMk1xIq&mediaDataID=6546596&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c5b8f974ecd-FRA
cf-request-id
0a61ac0d3600004ecd75a03000000001
sd
us-u.openx.net/w/1.0/ Frame 4336
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=9cf2e9ee-a7c5-4bf7-8283-9a100aec712a
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662184062536680
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662184062536680
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a6mTR83sr7VcQcUsfkPAJxWdnPWbb32bauWaQpTaYaSTUHRG7JPburStY7WcrW2FqvotirXqew4tjFQVbZa46YIpHPNVHb80rfiXbYiXaApPbQZbTb3YWdMUnFQmRUfNYTQO5EUc2qr1oT7IXUBaWt7WoAvZbmVUrpWUG2TZbh5teN5PvZbprQEYcQUXGMT1cvxnavQ2rJQTUZbDWPv3Pq3QScZbMStUN2WbDMk1xIq&mediaDataID=6546596&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
11619
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c5bb9a84dca-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662184062536680
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a61ac0d5800004dcacd97a000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
s.tribalfusion.com/cdn-cgi/ Frame 61AD 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c581d5c4dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=a4mTR8prMZd0GnPYGnT1cnupTfU2bnPTrJZcWP34Rqr0ScYOPdbN1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O0HQZdmHTm3mrP4sjeUVJ8UcJiPP3oUHUTUUbY2U2pUqnvVE3iQEBHQGFLRravSdr7UcvP2FmtntAmYaTy3tbFSGjZa46JZamdiyTt77XbYcXrYf0TqoSFFAWFM4VdQ4mFfxRUrN1EFtXqJ5uZa4qvV&mediaDataID=2713736&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c5b997d4dca-FRA
vary
Origin
beacon.min.js
static.cloudflareinsights.com/ Frame 10B6 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aamTR81c33XG7wpE7W3UUUTFFDVAU4QE3QQsntSHFNYtjwWmUu2cBYYbrZcTAyo2PYgRmbA2WZbsXHJKntZao5mQV4VbeVsMbWcM6S6FMWdnSWrbP2UAoWTQrWaJaST3FSGFBPbuxPWrbUVv55bqsoWem0quO3tQAPVJD56JZbmdAyTHQ60b3kXr7h0TyrSFJHUbB2WWF0objsPFjtYqMy3TUa2a7Ytq7pNYA3KA&mediaDataID=6530936&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c5b9fa04ecd-FRA
cf-request-id
0a61ac0d3e00004ecdadae5000000001
i.match
a.tribalfusion.com/ Frame 10B6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662184062536680&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
  • https://a.tribalfusion.com/i.match?p=b20&u=YLQ.MUq1VL7z6KwZcUWCnQAA
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b20&u=YLQ.MUq1VL7z6KwZcUWCnQAA
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aamTR81c33XG7wpE7W3UUUTFFDVAU4QE3QQsntSHFNYtjwWmUu2cBYYbrZcTAyo2PYgRmbA2WZbsXHJKntZao5mQV4VbeVsMbWcM6S6FMWdnSWrbP2UAoWTQrWaJaST3FSGFBPbuxPWrbUVv55bqsoWem0quO3tQAPVJD56JZbmdAyTHQ60b3kXr7h0TyrSFJHUbB2WWF0objsPFjtYqMy3TUa2a7Ytq7pNYA3KA&mediaDataID=6530936&mediaName=frame.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c5c1a084dca-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a61ac0d9200004dcaf51d4000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://a.tribalfusion.com/i.match?p=b20&u=YLQ.MUq1VL7z6KwZcUWCnQAA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
255
Expires
Mon, 31 May 2021 01:38:58 GMT
rum
s.tribalfusion.com/cdn-cgi/ Frame 0B0D 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c594ec04dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbO1WZbpW63w4srWYbFIT6Tw4An8RPjB4WYM1HnLnt2N4PvT5GM9Vc3lUsbeRPFxWtZbWUbjP3rZatVqnoVaQcPTBHRcQZbRrZatPHviVcvS4FTqnWqq0qqp2tnZaQVrZc263ZcmdEyUtFc0Ur71UJl1qAoSrrCTFBYTtQWmbQmRUBNXaJt4Tff5E7XmaMHXUYaWWBUmPnInsYwmHfJ5EZbg0WiFOhXhP2&mediaDataID=6807466&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c5c2a0c4dca-FRA
vary
Origin
rum
s.tribalfusion.com/cdn-cgi/ Frame 4336 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c582d5e4dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=a6mTR83sr7VcQcUsfkPAJxWdnPWbb32bauWaQpTaYaSTUHRG7JPburStY7WcrW2FqvotirXqew4tjFQVbZa46YIpHPNVHb80rfiXbYiXaApPbQZbTb3YWdMUnFQmRUfNYTQO5EUc2qr1oT7IXUBaWt7WoAvZbmVUrpWUG2TZbh5teN5PvZbprQEYcQUXGMT1cvxnavQ2rJQTUZbDWPv3Pq3QScZbMStUN2WbDMk1xIq&mediaDataID=6546596&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c5cfaed4dca-FRA
vary
Origin
rum
s.tribalfusion.com/cdn-cgi/ Frame 10B6 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c582d684dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=aamTR81c33XG7wpE7W3UUUTFFDVAU4QE3QQsntSHFNYtjwWmUu2cBYYbrZcTAyo2PYgRmbA2WZbsXHJKntZao5mQV4VbeVsMbWcM6S6FMWdnSWrbP2UAoWTQrWaJaST3FSGFBPbuxPWrbUVv55bqsoWem0quO3tQAPVJD56JZbmdAyTHQ60b3kXr7h0TyrSFJHUbB2WWF0objsPFjtYqMy3TUa2a7Ytq7pNYA3KA&mediaDataID=6530936&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c5d1b1f4dca-FRA
vary
Origin
beacon.min.js
static.cloudflareinsights.com/ Frame 7134 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=acmTR8UcbfPP3wUdMPTbnY5barWaMmWEnlQEMZdQcBJRrixSWQdWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTHBaYF7i1Fjh1qqOSUJCWUr3TtQWmr7oQrjqXqFt3TJa4qrQmEMK1bB6WH7Xn6MZapsMrmHvF2Tvk2dZan4PvZaprMEXVfQ1cnV1VFvmqFW2rFVVrnBV6jYRTY2QsUqQHjrYtvuT6bu1V3kOuOycQ&mediaDataID=5436426&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c5d29734ecd-FRA
cf-request-id
0a61ac0e3800004ecd87221000000001
tap.php
pixel.rubiconproject.com/ Frame 7134
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662184062536680&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662184062536680&expires=180
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662184062536680&expires=180
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=acmTR8UcbfPP3wUdMPTbnY5barWaMmWEnlQEMZdQcBJRrixSWQdWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTHBaYF7i1Fjh1qqOSUJCWUr3TtQWmr7oQrjqXqFt3TJa4qrQmEMK1bB6WH7Xn6MZapsMrmHvF2Tvk2dZan4PvZaprMEXVfQ1cnV1VFvmqFW2rFVVrnBV6jYRTY2QsUqQHjrYtvuT6bu1V3kOuOycQ&mediaDataID=5436426&mediaName=frame.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
11534
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c5d2b264dca-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662184062536680&expires=180
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a61ac0e3900004dca04a28000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1C22 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPQ0d14-uczDtvPxetMRbHVWXJIMk8fXeDFx4Ek_EdMdyY6HUmPCM_sekVmDCWtrNbAvcQn0RLC_EK3MH80ihE9zJgRZwq0w&sig=Cg0ArKJSzC9PPhAid4nvEAE&cid=CAASF-Roc7iPcPLeEJkBLHyuFP9ta7iAhrT9&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3016797356&rs=2&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622425137045&dlt=690&rpt=539&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 0F88 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 May 2021 01:25:27 GMT
server
ESF
date
Mon, 31 May 2021 01:38:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 May 2021 01:38:58 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0F88 		1 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 00:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3543
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 00:39:55 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 0F88 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1655
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
8821855511435206686
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 01:11:23 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0F88 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 01:35:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F88 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0F88 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 01:31:49 GMT
l
www.google.com/ads/measurement/ Frame 0F88 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQytXOMIpu2CqmTzmrTNdB_Vveb7uUiMtA8N6FgeRReXthn50oCyhtjKtprVSHLrcr9i6e-rPM0NsvpZiZSFP8bOipr3A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7d9aee27bee51cf015d1b4a8dc2025e1.js
www.gstatic.com/mysidia/ Frame 0F88 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7d9aee27bee51cf015d1b4a8dc2025e1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 06:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 17:49:14 GMT
server
sffe
age
67480
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sat, 28 Aug 2021 06:54:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0F88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFs7UMj60YI_mDvOqrASVmZq4Ar7KpIBj4Y2L1JoO3NkeEAEgh-LvIWCVAqABoaXz7QLIAQmpAtrap-B8dLQ-qAMByAPLBKoE0wFP0JtQnG-EyyL_n46f1ENfXX14Gg4Y9bQdOP03AtZ_rqFEvF4XaUiRgQED4QezMd_234GdJCZK0x1pZLVC__YcAThQp2umkhdHWXFqJxgdN_M5Q4KrgKx8pvXpWIjQFNh62lsf8N8LzkVGSUJoZzvUFKX-WsRNK1lhrj_MhcPU_WB12g5n8cvMHnVQkqzuTnD9I-nmGal_orPQ_DblF6vTPn4rFgwu6McsmrB62PENT7kqC0QPaZjP0hUUgTXjxI-c4L2QMV_wEjHb5epyD1NtG2Z1wASTyIrX1AOSBQQIBBgBkgUECAUYBKAGLoAHx9qMkgGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ67Ua0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTU1Mjk4ODg4OTM0OTgyMzI&sigh=UKVwy8mT2aQ&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 31 May 2021 01:38:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
2076313506083323656
tpc.googlesyndication.com/simgad/7332635052260900351/ Frame 0F88 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7332635052260900351/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaec0883e585409eb364fa1733a39a56adac6c734aec14f22bd1409cc54a82aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 06:24:03 GMT
x-content-type-options
nosniff
age
155695
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49179
x-xss-protection
0
last-modified
Fri, 28 May 2021 11:25:06 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 06:24:03 GMT
truncated
/ Frame 0F88 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
140bfe8d8b61a40add52f67523988f8c2e7da7b947f6f572fc15bcab07d45d52

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 22F6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 03:14:09 GMT
expires
Mon, 31 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
80689
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0F88 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6fab80ead833288e7c082145efe2794c6f3eca9317a996c798c17c49ff4b4d1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 0F88 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
345326
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 27 May 2022 01:43:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 0F88 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
295409
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 27 May 2022 15:35:29 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 0F88 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
76535
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 30 May 2022 04:23:23 GMT
pixel
cm.g.doubleclick.net/ Frame 22F6
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGk8iJ3Crwd9F2jLd_bkCfQ&google_cver=1&google_push=AQvitUI-4ndd4Mavu2PQRUzU_q_iZ_pYAoW6eLWXNTfnA5t-CaThUgBfeH...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUI-4ndd4Mavu2PQRUzU_q_iZ_pYAoW6eLWXNTfnA5t-CaThUgBfeHRp4XG7dtlhEM0KWJ0NtBmRDebQuwnsVyVEfwmFwxey&google_hm=h8iiz9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUI-4ndd4Mavu2PQRUzU_q_iZ_pYAoW6eLWXNTfnA5t-CaThUgBfeHRp4XG7dtlhEM0KWJ0NtBmRDebQuwnsVyVEfwmFwxey&google_hm=h8iiz9osJXR-RAHelWJR1g
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUI-4ndd4Mavu2PQRUzU_q_iZ_pYAoW6eLWXNTfnA5t-CaThUgBfeHRp4XG7dtlhEM0KWJ0NtBmRDebQuwnsVyVEfwmFwxey&google_hm=h8iiz9osJXR-RAHelWJR1g
pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 22F6 		42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKZx6XpMzFuaBvZ3tRjsvibfYGGleFvx6i0r2Cgq42-a-NSWoIh9K5PNpqFKxFqL-zIzkfuOTdgu_2auD3Rk3RxKuS45xE&google_gid=CAESEIOSnnv3BtaDFInoBx9gYOo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 22F6
Redirect Chain
  • https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEKW9rF9aBkYoEIvF6yzAmsQ&google_cver=1&google_push=AQvitUJlo9V4vj6-Pou3ZgQXWziRMGEQ_mba5vwD-i9sKHHhpkVZXfwhIihS...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJ0xR4XQHfNzGWYkPk1wqQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJ0xR4XQHfNzGWYkPk1wqQ&google_cver=1
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJ0xR4XQHfNzGWYkPk1wqQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 22F6
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M6IFYZZxQxKq-ngAxnYabw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M6IFYZZxQxKq-ngAxnYabw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUL7BeJcAJDjJ8V76jqN4F3BIu9ggqxCOD5gEHF8LJ6WZ8pqwdnbqmDPSuHJEanLzGcfpG2Xsdli9pkBPVN4kXYdS6FfMFM
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M6IFYZZxQxKq-ngAxnYabw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUL7BeJcAJDjJ8V76jqN4F3BIu9ggqxCOD5gEHF8LJ6WZ8pqwdnbqmDPSuHJEanLzGcfpG2Xsdli9pkBPVN4kXYdS6FfMFM
date
Mon, 31 May 2021 01:38:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 22F6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGTayy8P0NaS3DOGCOSfwWE&google_cver=1&google_push=AQvitUI1efMbrNpdHo4Bc9SRBN2dpZh7P5kaYyJsxUwXgPoPvG8XjMQR-0AazmrPpFLd2jdQR4H...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCWTFEN1QtMUUtNzBLUg==&google_push=AQvitUI1efMbrNpdHo4Bc9SRBN2dpZh7P5kaYyJsxUwXgPoPvG8XjMQR-0AazmrPpFLd2jdQR4H4SZ8Iqmym4v1jfINh6wNZEQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCWTFEN1QtMUUtNzBLUg==&google_push=AQvitUI1efMbrNpdHo4Bc9SRBN2dpZh7P5kaYyJsxUwXgPoPvG8XjMQR-0AazmrPpFLd2jdQR4H4SZ8Iqmym4v1jfINh6wNZEQ
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCWTFEN1QtMUUtNzBLUg==&google_push=AQvitUI1efMbrNpdHo4Bc9SRBN2dpZh7P5kaYyJsxUwXgPoPvG8XjMQR-0AazmrPpFLd2jdQR4H4SZ8Iqmym4v1jfINh6wNZEQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 22F6
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHBFUy934at8yhcAEV85xPE&google_cver=1&google_push=AQvitUJk9d885DFCQLrTGfu7DyYcYJf9NdbJA5l2vnMTpwmE7Gj8jfcL-h87m34W7qf49RvIuD1jGd1AT-xAx4FbCeDgCZT...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJk9d885DFCQLrTGfu7DyYcYJf9NdbJA5l2vnMTpwmE7Gj8jfcL-h87m34W7qf49RvIuD1jGd1AT-xAx4FbCeDgCZTmdSyw&google_hm=CnW1Vqe3SmqdDQHt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJk9d885DFCQLrTGfu7DyYcYJf9NdbJA5l2vnMTpwmE7Gj8jfcL-h87m34W7qf49RvIuD1jGd1AT-xAx4FbCeDgCZTmdSyw&google_hm=CnW1Vqe3SmqdDQHt4yZwqA
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJk9d885DFCQLrTGfu7DyYcYJf9NdbJA5l2vnMTpwmE7Gj8jfcL-h87m34W7qf49RvIuD1jGd1AT-xAx4FbCeDgCZTmdSyw&google_hm=CnW1Vqe3SmqdDQHt4yZwqA
pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
cache-control
no-cache
content-length
0
request-time
1
expires
-1
pixel
cm.g.doubleclick.net/ Frame 22F6
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAM9_DxIl4YOIyMd0tTaQo4&google_cver=1&google_push=AQvitUJ6i7V8PIAIqqKeZgOr...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ6i7V8PIAIqqKeZgOr8TYzHB_1xbGTKJ8X0Lv7LaLwzuTwHVw0thvZ5E6LCvrSjPlSLGSFV88dN9G_iuybhnnZdqhBcQaRsg&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ6i7V8PIAIqqKeZgOr8TYzHB_1xbGTKJ8X0Lv7LaLwzuTwHVw0thvZ5E6LCvrSjPlSLGSFV88dN9G_iuybhnnZdqhBcQaRsg&google_hm=
Requested by
Host: www.dailythanthi.com
URL: https://www.dailythanthi.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ6i7V8PIAIqqKeZgOr8TYzHB_1xbGTKJ8X0Lv7LaLwzuTwHVw0thvZ5E6LCvrSjPlSLGSFV88dN9G_iuybhnnZdqhBcQaRsg&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 30 May 2021 01:38:58 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 22F6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IRjjgUq0apFtSfTqC1Ag5ifhhRxKbqcvLCrgl5If64F3OfP1-tiRgU08sbZFOYdrTNqA0EKQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 5761 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuda1oJkxK-rDV_xUcmr2ohDclxwdmPShrzfrI9_cE8CL2FMH6KuvK1XDitvPD2iXSB64Kr_5lSbAJ-npl1IF5G_gJ_f4DDE-nKdlDEWFU&sig=Cg0ArKJSzDNA3HY3X7btEAE&id=lidar2&mcvt=1004&p=1110,284,1200,1012&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210526&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3266266796&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622425136750&dlt=0&rpt=203&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame A0C2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5529888893498232&output=html&h=250&slotname=8071442581&adk=1791281496&adf=2632948842&pi=t.ma~as.8071442581&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.dailythanthi.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622425138159&bpp=2&bdt=1416&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3Dc15c5e7fd1b40a52-222837cf58c8006e%3AT%3D1622425137%3ART%3D1622425137%3AS%3DALNI_MbT13nlKzdgBlPhYydfpE2vMKWNNQ&correlator=7695781475912&frm=23&ife=4&pv=1&ga_vid=911410119.1622425136&ga_sid=1622425136&ga_hid=1081478119&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=202&biw=1600&bih=1200&isw=300&ish=250&ifk=1762975595&scr_x=0&scr_y=0&eid=42530672%2C21065725%2C44743003&oid=3&pvsid=3784595887177500&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18obczk3120a&fsb=1&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 19:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
20470
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 19:57:48 GMT
rum
s.tribalfusion.com/cdn-cgi/ Frame 7134 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c582d6d4dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=acmTR8UcbfPP3wUdMPTbnY5barWaMmWEnlQEMZdQcBJRrixSWQdWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTHBaYF7i1Fjh1qqOSUJCWUr3TtQWmr7oQrjqXqFt3TJa4qrQmEMK1bB6WH7Xn6MZapsMrmHvF2Tvk2dZan4PvZaprMEXVfQ1cnV1VFvmqFW2rFVVrnBV6jYRTY2QsUqQHjrYtvuT6bu1V3kOuOycQ&mediaDataID=5436426&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c5ebd0f4dca-FRA
vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame DD17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPmqcu_9Qo2S9xUhHmCTsWBRCBMx5or-QWUge7DyjFocy7FebRKevb4e3-L1dWlpVs3wclC-vy0RpxQ4iF8DFI2-T3oUWmM25_L4Sp8fKIxxrpyw7o61cseCAViQKZRKO_bDEHXkdzdtZvQ2rnXgCBGjT42elCIh5KFUkeNC6oNYQ_DQ3ChkKbi_zv0P7Cd-l8JD3Kn71iyd8DGuRMuApUVvEo2lPC1IVJ2AW8ynxlA_ckLxqRiq7chztutHQ4cYBEEfiHONyBI6WMka4_abZvADcVu6iqhHHPh7rUyD_DcEg-A9IbyBk9&sai=AMfl-YTpk-tp-xp0vgU2YSook2Mo_TSbU4ao8GJY_CGor9tYb5OXmu6qnVuHoChTfbL7aeYKF6F5JzuH_ltqg0gNMYvw-uQk3fyFak9bYx3jVgpn3Uc-pL-MjApUmsQ55Cs&sig=Cg0ArKJSzHac4WEdXlt5EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 May 2021 01:38:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DD17 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85d81a095f83dd52af94c0e690a76c449c27a73d64ef470a297201ec968e3a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8231
x-xss-protection
0
rum
s.tribalfusion.com/cdn-cgi/ Frame 9CEB 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c594ec34dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=aKmTR81E3t3TZbl4avQoaJB1rf7UdZb0nAQBnV3mmtvC5EY92dAr5PvKmF3JXsvS1cQTXV7xnTvW5FZbVVU7ZcWPn1QEv0QVUqSHUt0HvtT6QM4sYUXUYZbV6qt56Zb9R67K2HYy0HBCptIx363Y4VvdVVU8UcjkSAnMTtvRTbM05bEuWajoTTMlPa3LRsBAQUupRt79VsfR2U2smtisXEPp4dbZdSGrHYPUyyNjQHf&mediaDataID=4056396&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c5f3d984dca-FRA
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DD17 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5702 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 22:29:49 GMT
expires
Mon, 30 May 2022 22:29:49 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11350
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E676 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7fc39943077a29a169ac13eed2390b652207ab8c248abca2fa560c1c1a62d17d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R0Yn7PbPGd4xNf76oaF3Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

expires
Mon, 31 May 2021 01:38:59 GMT
date
Mon, 31 May 2021 01:38:59 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-R0Yn7PbPGd4xNf76oaF3Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 5702 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 19:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
20471
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 19:57:48 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 14A1 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a8mTR80bnb1UBgXqanRrMEWUZbYWWr3nFfxPFJq1qUt3TBc5qQYmEMEXFjaUtjPoAMDpVvmoHfA5TFh3d6N5PfJmUjG0V3RYsFT1svNpTZbP5U32Wr7FVm33Qqb0ScQMQdBs1dvwTmnw4s3UYrYZcVAmr2P3aQmJF3Hnm1HBKpdEo5mBR3sYgVVUbUsFlSmFuUWFRTUn35r6rWarmVanlSTBFQVQJWUaCnxpZd2p&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
657c7c5f9c144ecd-FRA
cf-request-id
0a61ac0fbb00004ecd99057000000001
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 14A1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662184062536680&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662184062536680
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662184062536680
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a8mTR80bnb1UBgXqanRrMEWUZbYWWr3nFfxPFJq1qUt3TBc5qQYmEMEXFjaUtjPoAMDpVvmoHfA5TFh3d6N5PfJmUjG0V3RYsFT1svNpTZbP5U32Wr7FVm33Qqb0ScQMQdBs1dvwTmnw4s3UYrYZcVAmr2P3aQmJF3Hnm1HBKpdEo5mBR3sYgVVUbUsFlSmFuUWFRTUn35r6rWarmVanlSTBFQVQJWUaCnxpZd2p&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.25.144 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
144.25.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
341
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657c7c5f9dfe4dca-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662184062536680
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a61ac0fbb00004dca07310000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD17 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=3784595887177500&bg=!UFOlUxfNAAaMan2LjGo7ACkAdvg8WgyIviaXzFHqUa563aQR-OFQPNH67J26EwzjDBQKyZdz9OLK1AIAAABGUgAAAAxoAQeZAmrng8q-snPxXdhybe1FuCT4nh21oUzWg_wcdRp6EbBBUhYXWfqv9kgrAFHVIvdS2v57mZUafV4KthT_EMCvF13xq_ZotvaKMgi6nt4VNJGGr1wAzuEgXrquhZNiVw-HVdonCeg97rckpsxE82zsGpt7JEi8hW4D_TUu_-ctS-AyL0Y43YcwoME4c0CTBHh58pL3yRI-yu-HaV2NSWtei22VNpZP-imt2Lr4HrCN6s7Xbo7EQQnJmKSM5G706YKcHFYol0bK2vZC-FGA7O3oM4mlDJLTn-zaEICqyIDkEyemOd65Wwiy2gOOEfYpuHBsL-7uEz16U2yZIeO7XAyaSWOEzAt6tHZV37-0CFN9qq9rlYqzjty173EM0h-GQsZpT71qJB1-PVc6q5BWhxRQTfOd0cX56Cyz3g9iLJb5k4V0jjruTu9XZ3Eb7Pl-JigkFocyoNFjJRg388xCWC_yDXPZkuBCqfVKjPHAdso-DVcQ7xy7JBNPKqp2PwQfL7fdYHZAM-jjcAOGlwMc8dwOLztDi9DoIvITzMJiBQmOhU0c4kwGFHlZrgSdZiFEcFK9k_xH8Qc6q0q4kCZxJvw81fyaTlWrG2Vqmn_8OeeqB0P1zlupqShCX1K3fwSal4irEimcW_jyOMlYX5KO1fCFDpWN4nEB5-sz3tawC_0rDKXxhbq3mm3QLXp2RFuvNmcMewiS_pbz1Mz5o4SXZ7mt_gMsuPhWPysPcqmd2lvJT2t915jP3F8OFH_yLMVDcXsfxcZ_1zs1WNeRsjOPY8D7btxF0XOJRbgFb0Hc8hKCtXCpmWwzhhVrJUUC-OU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0ABC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZSzJrbifyJP5CsAw0DwqJ2PZ-TE9GVcMF_uoNzeaKj5sK6SVE6aFy4UuOXUGTCgURFn1chs9oP8ulZ50yTcmcU2jIieUh3SDy3jd76MB0OGUs0oa5jWfF_DL8lTeywl-L3baLUBaHV3rBCR4lPj7UbYf58d_TmMSQ-D_Kzh3XCbUhp3KgTkSWLjkUaQDprOWKNeLcWRmAPuhA8h9YrAJKC3RjOOYjxW8y8h5KrT0ShUje8mmAIGGtPS8MVRaN8LE3oK8o0C6tixwB6k4f1dbaUNmNLd43QupdSj7yJsfsQOIlpG0a&sai=AMfl-YSxj4rzeNo34TcDxUlkQsKxl7vlzBfYk1XNDGQXGGYl1au9HEw9lezAG_cwLzE5yMaPWRgQciGtsM4B432VIkMdkOf1x3jMT92c44WWkKuSC65kllB0aA5w3J7A2cw&sig=Cg0ArKJSzLDtGxyymmZtEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 May 2021 01:38:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0ABC 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fcfcd553cfa4d7d8fdeafd07bc83c647bea4b5007ebf0ef1899e7acc361f909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
rum
s.tribalfusion.com/cdn-cgi/ Frame 14A1 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/cdn-cgi/rum?req_id=657c7c582d614dca
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.tribalfusion.com/p.media?clickID=a8mTR80bnb1UBgXqanRrMEWUZbYWWr3nFfxPFJq1qUt3TBc5qQYmEMEXFjaUtjPoAMDpVvmoHfA5TFh3d6N5PfJmUjG0V3RYsFT1svNpTZbP5U32Wr7FVm33Qqb0ScQMQdBs1dvwTmnw4s3UYrYZcVAmr2P3aQmJF3Hnm1HBKpdEo5mBR3sYgVVUbUsFlSmFuUWFRTUn35r6rWarmVanlSTBFQVQJWUaCnxpZd2p&mediaDataID=8039566&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://s.tribalfusion.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
657c7c60efba4dca-FRA
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0ABC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5529888893498232&plah=www.dailythanthi.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 31 May 2021 01:38:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 33D1 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 22:29:49 GMT
expires
Mon, 30 May 2022 22:29:49 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11350
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F67E 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a2b7c7cc08ce57578d831f83eed44cdf9424055b1d69b30c18eff2f5ee5b4735
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TLSdMIpfdW4fHFBlFrA23A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

expires
Mon, 31 May 2021 01:38:59 GMT
date
Mon, 31 May 2021 01:38:59 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TLSdMIpfdW4fHFBlFrA23A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 33D1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 19:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
20471
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 19:57:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ABC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=1815453050058392&bg=!YmGlYSXNAAaMan2LjGo7ACkAdvg8WluZyGyLMiqgQfofX5xGfuyHJwaDKNPIytShnyO_9TZAmtGplQIAAABDUgAAAApoAQcKANs-WNkJBuV1lrYOo8T4xRuL3UCKpDMAQL0aZgX1iSPZaFhB3fFm3TOpB1H7RAh6aAY305O7KJNnn6fDe2tC_V9qA-p9Na7UyUphivQ3s7fFefvUJp8oMvF5o0o8JpSlUhUd3xy_7DcG11CtMOF8zg5kHNB44OSNo3x9xWJ_ky4QTeB0pRtNB4M06eE_rB_I7tu1NN1Y1vTZsULF_X07loqsM1B0uvXoxsDrUT3TIO9ZTGLFAG0XJrG0cdd3Ylur7qONGT7-uK-n3wWD-Xim3qCR2USpJBwdPwm572SZAm2iF3nLLRAhukjyP51dBSK7SZMjzgcwjWgXY6JkJZ2afBXj2hc-xrhTjkiSlSnt-MLceJz1LNe1PWcXz5j9vb1KRmZaKu3v3MekWLzG6SCW8pYcc9SLxLFVlNsUYNUeeB5k8IauaharKBftn11i7ql7tJ_7HGTKcNuLgmKWL_6JMyZhoVoxTEhuQCrFWCIByfa3SPjrD1PkiaRjMKYpdrkoHsEvVRZSzYlMPWDhMr5gQiKTWUBncNPijSejQqKDKWX_1JXdCtRuKL52hUMrb9GvDgTKF8_y-fML9DCWRF-_nS4dPrj_bFA9cScuZFjJE2mQnXpD7kNAmrTSuduqM4QalnqB9Bn51SD11JuJr4KVhduZUp1KjstjDBJvLbR4UaD3bDMUkOBC1xK8fnQelSFLN94m3D5qSMoC7k4-ct-iKUaKKmo8Utgkdw6yISC7TaOQfgOaX5yxZY0hnLcWWvQztbFxxZYJ_Kv1895jJ3tVACUODbQJJX-gRF9PoAWg1eDuTrtKbCRc6EnQ2plGDVPkBOaxkYDyMvQWIvcLjNXODKygWYIc0Cu4NKnNmgaiZqGNhNUOXYIcfY37S043Msbie1Gxc_SdDg0jawarv3rpqkDsCs8tksO1nc3cxy2EKvMidPB_S1Bv_bWrxjQNpJYs-B7ha-ZLybs0wRgipBxXOra7oUFCpCGX0OrDCSX-nn8MOa3MBPIKAfkxQPoSvSge6cgda1_MuDLyTKVmiEcg0hdiMGzQ6VRqofK6dgb2HgFrtgMVoJbgQcDPrvmxDSUcFHy-4S8tLicEfZ0ZWDaNsjeGRRKCPdWqABROUBo
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 803E 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1622425136224
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1622425136224
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4159 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=33A20561-9671-4312-AAFA-7800C6761A6F; KRTBCOOKIE_1051=22884-18072662184062536680; PugT=1622425136; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=161963
expires
Tue, 01 Jun 2021 22:38:22 GMT
date
Mon, 31 May 2021 01:38:59 GMT
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame FFF1 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
018ebd8a1ce51b1b47a9470603ce8a7ccdad7c2a19618c2fcf2cdb51400a35bc

Request headers

:method
GET
:authority
public.servenobid.com
:scheme
https
:path
/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Wed, 26 May 2021 22:17:58 GMT
accept-ranges
bytes
etag
"55549ccf6b1078e3f1c5d9d672a8ffb3"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
Tx5Iu9CniGmCvxFewHF53sky2aa6zcXkIEl4qmhEMNMSQH7Xgen7sDtF2Go46/AXkNWTWYiP+pE=
x-amz-request-id
N45HSFKWVM3FW48V
x-azure-ref-originshield
0CBC0YAAAAAC21CIw8tDIQ7Hx5xB3ATMQTE9OMjFFREdFMDIxOQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
0Mz60YAAAAABdLpV3447aSZRWrd+sGVESWlJIRURHRTA2MjEAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Mon, 31 May 2021 01:38:59 GMT
check.html
biddr.brealtime.com/ Frame A53D 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailythanthi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

Date
Mon, 31 May 2021 01:38:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
q6oXyGsuXCKOZ9D1x80oW+Sbu+qJQ9E+FbVw3cTUPQs2fXOI61uR2UBpqjYlw+BgSIJdW+yW6uo=
x-amz-request-id
289H8Z8FZ2YP2EST
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2188
Expires
Mon, 31 May 2021 01:39:59 GMT
Cache-Control
public, max-age=60
cf-request-id
0a61ac11e0000033196799d000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
657c7c630f2c3319-CDG
Content-Encoding
gzip
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 3739 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailythanthi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
5682
cf-request-id
0a61ac11c3000007463a03d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YvuwTpcJYbOd4Qji41s1JbhcOc2OR1%2BSgIOdQESCLNPL182bHzHtOFbifyOv3B6Rhgju%2BG91MMxzfuK4X4RPz2RbukqbohPiJkbr2jAQjcJCRDkjqcHJ%2FjY3adlFRHIRmmCMGmOKfP4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
657c7c62ddf50746-FRA
content-encoding
br
async_usersync.html
acdn.adnxs.com/dmp/ Frame 940C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailythanthi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailythanthi.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sat, 29 May 2021 04:37:16 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 31 May 2021 01:38:59 GMT
Age
75701
X-Served-By
cache-lga13625-LGA, cache-hhn4042-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 1255756
X-Timer
S1622425140.651534,VS0,VE0
Vary
Accept-Encoding
/
onetag-sys.com/usync/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
bounce
ib.adnxs.com/ Frame 940C
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:59 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.69:80
AN-X-Request-Uuid
73acb9f5-9bdb-4aa6-8b08-85294a76ae6d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:59 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.87:80
AN-X-Request-Uuid
e532a595-a128-43e8-9b40-33e07bab2db6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
idsync
sync.aralego.com/ Frame 3739 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 31 May 2021 01:39:00 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 4159 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49682061&p=159448&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
85d6300fc6a0ccecce0198517298ba81e159c64a3e1def0ebea315bcc84444fe

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
13926
g2.gumgum.com/usync/ Frame 6042 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
699e4ad68a743c6fd6c4100da962aebddfc79b7a00694d22b57a3015b4362a11

Request headers

:method
GET
:authority
g2.gumgum.com
:scheme
https
:path
/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_c656f75f-ec49-44fe-8c83-0e1e43441da4; Domain=.gumgum.com; Expires=Tue, 31-May-2022 01:38:59 GMT; Path=/; Secure; SameSite=None
etag
W/"0ee87298837b48f4a606795dc49081f66"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame 461B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.24 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-110.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
pixel.33across.com
:scheme
https
:path
/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 31 May 2021 01:38:59 GMT
/
onetag-sys.com/usync/ Frame CCA9 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame FD82 		965 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
a31a63105c78f736853702b5693e8388a960a33209e069b3f244f8b6212c42cb

Request headers

Host
ssbsync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://public.servenobid.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-type
text/html
content-length
965
set-cookie
pid=8675874220608512591; expires=Fri, 01 Jul 2022 01:37:59 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none
sync
ads.servenobid.com/ Frame FFF1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1533053419439808255
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1533053419439808255
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 May 2021 01:38:59 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:59 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.69:80
AN-X-Request-Uuid
ec86d7d3-87de-400b-9d97-966db02becf6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=1533053419439808255
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame FFF1
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=310&uid=74da3df3821cf0f549a07d60
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=74da3df3821cf0f549a07d60
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 May 2021 01:38:59 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date
Mon, 31 May 2021 01:38:59 GMT
Server
nginx
Location
https://ads.servenobid.com/sync?pid=310&uid=74da3df3821cf0f549a07d60
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
rtb.gumgum.com/ Frame FFF1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808803478
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=808803478
  • https://sync.1rx.io/usersync/tradedesk/57284d1d-5fd4-4623-9a7b-431c93c67e98
  • https://sync.targeting.unrulymedia.com/csync/RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003
date
Mon, 31 May 2021 01:38:59 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX91a7f0a6762c405ebc0e5e43dfcdbd81003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame FFF1 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.172.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-172-63.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame FFF1
Redirect Chain
  • https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%7B%24UID%7D
  • https://ads.servenobid.com/sync?pid=328&uid=61c065ec1696f79439e719708577bce141ab5263
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=61c065ec1696f79439e719708577bce141ab5263
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 May 2021 01:38:59 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=61c065ec1696f79439e719708577bce141ab5263
Date
Mon, 31 May 2021 01:38:59 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
sync
ads.servenobid.com/ Frame FFF1
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1871316020468957530
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1871316020468957530
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 May 2021 01:38:59 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1871316020468957530
Date
Mon, 31 May 2021 01:38:59 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
truncated
/ Frame E74B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab64b473a6f900a8278e8b2058930c7007fffe55526a313629d2311880c7c5a0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
match
c1.adform.net/serving/cookie/ Frame 2917
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=33A20561-9671-4312-AAFA-7800C6761A6F
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=33A20561-9671-4312-AAFA-7800C6761A6F
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=33A20561-9671-4312-AAFA-7800C6761A6F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=33A20561-9671-4312-AAFA-7800C6761A6F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 May 2021 01:38:59 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=2570149066369207719; expires=Fri, 30 Jul 2021 01:38:59 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 31 May 2021 01:38:59 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=33A20561-9671-4312-AAFA-7800C6761A6F
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Wed, 30 Jun 2021 01:38:59 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 6EA9
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1061992924367217288
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1061992924367217288
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1061992924367217288
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=33A20561-9671-4312-AAFA-7800C6761A6F; KRTBCOOKIE_1051=22884-18072662184062536680; PUBMDCID=3; chkChromeAb67Sec=1; DPSync3=1623628800%3A201_197_219%7C1622505600%3A174; SyncRTB3=1623628800%3A220_56_7_54_13_161_3_166_234_21_81_71_8_22%7C1623024000%3A15_2_223%7C1625011200%3A203%7C1623715200%3A35%7C1623283200%3A63; KRTBCOOKIE_1101=23040-6968262912217381009; SPugT=1622425139; KRTBCOOKIE_57=22776-1533053419439808255; KRTBCOOKIE_80=22987-CAESEPtajlyFqj3YPL2tUZkP3b0&KRTB&16514-CAESEPtajlyFqj3YPL2tUZkP3b0&KRTB&23025-CAESEPtajlyFqj3YPL2tUZkP3b0; KRTBCOOKIE_153=19420-hI773YHbqtif3PyP0Yq03Irc_9GfifzZ1Iwh1W2N&KRTB&22979-hI773YHbqtif3PyP0Yq03Irc_9GfifzZ1Iwh1W2N; KRTBCOOKIE_27=16735-uid:1b2260b4-3e33-4500-a777-7804d967d36d&KRTB&16736-uid:1b2260b4-3e33-4500-a777-7804d967d36d&KRTB&23019-uid:1b2260b4-3e33-4500-a777-7804d967d36d&KRTB&23114-uid:1b2260b4-3e33-4500-a777-7804d967d36d; PugT=1622425138; KRTBCOOKIE_391=22924-2781842312086406575&KRTB&23263-2781842312086406575; KRTBCOOKIE_377=6810-57284d1d-5fd4-4623-9a7b-431c93c67e98&KRTB&22918-57284d1d-5fd4-4623-9a7b-431c93c67e98&KRTB&23031-57284d1d-5fd4-4623-9a7b-431c93c67e98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 May 2021 01:38:59 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-1061992924367217288; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 30-Jun-2021 01:38:59 GMT; path=/ PugT=1622425139; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 30-Jun-2021 01:38:59 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 29-Aug-2021 01:38:59 GMT; path=/
x-lat
lhrpug003:0:360
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1061992924367217288
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9914
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=33A20561-9671-4312-AAFA-7800C6761A6F; KRTBCOOKIE_1051=22884-18072662184062536680; PUBMDCID=3; chkChromeAb67Sec=1; DPSync3=1623628800%3A201_197_219%7C1622505600%3A174; SyncRTB3=1623628800%3A220_56_7_54_13_161_3_166_234_21_81_71_8_22%7C1623024000%3A15_2_223%7C1625011200%3A203%7C1623715200%3A35%7C1623283200%3A63; KRTBCOOKIE_1101=23040-6968262912217381009; PugT=1622425138
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 May 2021 01:38:58 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 29-Aug-2021 01:38:58 GMT; path=/
x-lat
amspug003:0:329
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Mon, 31 May 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
6398
x-powered-by
ASP.NET
date
Mon, 31 May 2021 01:38:59 GMT
content-length
205
Pug
simage2.pubmatic.com/AdServer/ Frame CEAF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968262912217381009
42 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968262912217381009
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968262912217381009
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=33A20561-9671-4312-AAFA-7800C6761A6F; KRTBCOOKIE_1051=22884-18072662184062536680; PugT=1622425136; PUBMDCID=3; chkChromeAb67Sec=1; DPSync3=1623628800%3A201_197_219%7C1622505600%3A174; SyncRTB3=1623628800%3A220_56_7_54_13_161_3_166_234_21_81_71_8_22%7C1623024000%3A15_2_223%7C1625011200%3A203%7C1623715200%3A35%7C1623283200%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 May 2021 01:38:58 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6968262912217381009; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 30-Jun-2021 01:38:58 GMT; path=/ PugT=1622425138; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 30-Jun-2021 01:38:58 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 29-Aug-2021 01:38:58 GMT; path=/
x-lat
amspug001:0:383
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 31 May 2021 01:38:59 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6968262912217381009; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968262912217381009
adx
match.prod.bidr.io/cookie-sync/ Frame BB35
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBWDNVN0JhSHdBQUREWkZBdk1KUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.13.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-13-173.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AAAX3U7BaHwAADDZFAvMJQ; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Mon, 31 May 2021 01:38:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Mon, 31 May 2021 01:38:59 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame F57D
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=33A20561-9671-4312-AAFA-7800C6761A6F; KRTBCOOKIE_1051=22884-18072662184062536680; PugT=1622425136; PUBMDCID=3; chkChromeAb67Sec=1; DPSync3=1623628800%3A201_197_219%7C1622505600%3A174; SyncRTB3=1623628800%3A220_56_7_54_13_161_3_166_234_21_81_71_8_22%7C1623024000%3A15_2_223%7C1625011200%3A203%7C1623715200%3A35%7C1623283200%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 May 2021 01:38:59 GMT
content-type
text/html; charset=utf-8
x-lat
amspug002:2:247
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=ebbb907e-eb9a-4695-812d-3061f425ed4a; path=/; domain=csync.loopme.me; Expires=Wed, 30-Jun-2021 01:38:59 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Mon, 31 May 2021 01:38:59 GMT
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4159
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M6IFYZZxQxKq-ngAxnYabw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
last-modified
Wed, 21 Oct 2020 18:57:29 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-1f78-5b232eb4914bb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=144420
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2654
expires
Tue, 01 Jun 2021 17:45:59 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38d860b4-3e33-4900-b378-f6f7ceb45b3d
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38d860b4-3e33-4900-b378-f6f7ceb45b3d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Mon, 31 May 2021 01:40:43 GMT
Server
MT3 3736 915c305 master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38d860b4-3e33-4900-b378-f6f7ceb45b3d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 May 2021 01:40:42 GMT
/
pixel.onaudience.com/ Frame 4159
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=33A20561-9671-4312-AAFA-7800C6761A6F
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4201efda2e0da1cf9d46f441f246b5fd
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1e4346461f18c117f45cb2c070d79ad2
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1e4346461f18c117f45cb2c070d79ad2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3181477.ip-146-59-148.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Mon, 31 May 2021 01:39:03 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1e4346461f18c117f45cb2c070d79ad2
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzNBMjA1NjEtOTY3MS00MzEyLUFBRkEtNzgwMEM2NzYxQTZG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:410
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtajlyFqj3YPL2tUZkP3b0&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtajlyFqj3YPL2tUZkP3b0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:384
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtajlyFqj3YPL2tUZkP3b0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4159 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 30 May 2021 01:38:59 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2781842312086406575
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2781842312086406575
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:446
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2781842312086406575
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b2260b4-3e33-4500-a777-7804d967d36d&gdpr=0&gdpr_consent=
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b2260b4-3e33-4500-a777-7804d967d36d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:396
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 31 May 2021 01:40:43 GMT
Server
MT3 3736 915c305 master cdg-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b2260b4-3e33-4500-a777-7804d967d36d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 May 2021 01:40:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=57284d1d-5fd4-4623-9a7b-431c93c67e98
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=57284d1d-5fd4-4623-9a7b-431c93c67e98
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:396
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=57284d1d-5fd4-4623-9a7b-431c93c67e98
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1533053419439808255&gdpr=0&gdpr_consent=
42 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1533053419439808255&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:350
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:59 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.240:80
AN-X-Request-Uuid
fac08e36-4f1c-41ec-aff9-4df268d7305a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1533053419439808255&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
33A20561-9671-4312-AAFA-7800C6761A6F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4159 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/33A20561-9671-4312-AAFA-7800C6761A6F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=33A20561-9671-4312-AAFA-7800C6761A6F&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zHGuYhhE2uWFrrkF6KHgXGLdm.5Ez88-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zHGuYhhE2uWFrrkF6KHgXGLdm.5Ez88-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 31 May 2021 01:38:59 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zHGuYhhE2uWFrrkF6KHgXGLdm.5Ez88-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hI773YHbqtif3PyP0Yq03Irc_9GfifzZ1Iwh1W2N
42 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hI773YHbqtif3PyP0Yq03Irc_9GfifzZ1Iwh1W2N
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:442
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hI773YHbqtif3PyP0Yq03Irc_9GfifzZ1Iwh1W2N
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
x.bidswitch.net/ Frame 4159
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ums.acuityplatform.com/bum?tpid=29&uid=51090e69-3b5a-40f9-9ad9-071ba4a282c6&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=582531990350&expires=30&user_group=1&ssp=Pubmatic
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=236&user_id=582531990350&expires=30&user_group=1&ssp=Pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:39:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://x.bidswitch.net/sync?dsp_id=236&user_id=582531990350&expires=30&user_group=1&ssp=Pubmatic
Pug
simage2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLQ_NAABOE1WBQBg&gdpr=0&gdpr_consent=&_test=YLQ_NAABOE1WBQBg
1 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLQ_NAABOE1WBQBg&gdpr=0&gdpr_consent=&_test=YLQ_NAABOE1WBQBg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:367
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:39:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1622425141.933146,VS0,VE0
x-served-by
cache-hhn4080-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLQ_NAABOE1WBQBg&gdpr=0&gdpr_consent=&_test=YLQ_NAABOE1WBQBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6919586988451199564&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6919586988451199564&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:58 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:306
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6919586988451199564&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 4159
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a07e6ba0-d3dd-4d2b-8796-86ba97c504e9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a07e6ba0-d3dd-4d2b-8796-86ba97c504e9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:39:02 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:272
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a07e6ba0-d3dd-4d2b-8796-86ba97c504e9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 31 May 2021 01:39:02 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 4159 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=33A20561-9671-4312-AAFA-7800C6761A6F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sync
ads.servenobid.com/ Frame FD82 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8675874220608512591&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 May 2021 01:38:59 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
sync
ssbsync.smartadserver.com/api/ Frame FD82
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=7966870458595169191
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=7966870458595169191
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
server
nginx
location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=7966870458595169191
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame FD82
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D86%26buid%3D$UID
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=1533053419439808255
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=1533053419439808255
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:59 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.16:80
AN-X-Request-Uuid
85662dae-2dfb-47b3-96fc-662bc3e5f58a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=1533053419439808255
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame FD82
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D66%26buid%3D%7Bamob_user_id%7D
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=66&buid=064b2204026380da7af04120
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=66&buid=064b2204026380da7af04120
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:39:00 GMT
content-length
0

Redirect headers

Location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=66&buid=064b2204026380da7af04120
Date
Mon, 31 May 2021 01:39:00 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
sync
ssbsync.smartadserver.com/api/ Frame FD82
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gd...
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=100&buid=80400fab-a378-4d05-b24a-9acbde2152d0
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=100&buid=80400fab-a378-4d05-b24a-9acbde2152d0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-length
0

Redirect headers

date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=100&buid=80400fab-a378-4d05-b24a-9acbde2152d0
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=1533053419439808255
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=1533053419439808255
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:38:59 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.243:80
AN-X-Request-Uuid
682e8474-46db-4ef4-98aa-0a8e3b7c15fa
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=1533053419439808255
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_c656f75f-ec49-44fe-8c83-0e1e43441da4&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_c656f75f-ec49-44fe-8c83-0e1e43441da4&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=51090e69-3b5a-40f9-9ad9-071ba4a282c6
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=51090e69-3b5a-40f9-9ad9-071ba4a282c6
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=40bf545f-4b4e-4c0f-8976-d526ad1bc9bd&ssp=gumgum2&expires=30&user_group=5&bsw_param=51090e69-3b5a-40f9-9ad9-071ba4a282c6
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=40bf545f-4b4e-4c0f-8976-d526ad1bc9bd&ssp=gumgum2&expires=30&user_group=5&bsw_param=51090e69-3b5a-40f9-9ad9-071ba4a282c6
  • https://rtb.gumgum.com/usersync?b=bsw&i=df71ae57-d223-43ba-8a89-ee264ea8446d
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=df71ae57-d223-43ba-8a89-ee264ea8446d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:39:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=df71ae57-d223-43ba-8a89-ee264ea8446d
date
Mon, 31 May 2021 01:39:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28ax_ww7BGtypSE1yGih4ke8bLWVhsiboQW03apt-1i-AvLbiZNZmirPEGhoh8zRhE%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28ax_ww7BGtypSE1yGih4ke8bLWVhsiboQW03apt-1i-AvLbiZNZmirPEGhoh8zRhE%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ax_ww7BGtypSE1yGih4ke8bLWVhsiboQW03apt-1i-AvLbiZNZmirPEGhoh8zRhE%29
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:39:01 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28ax_ww7BGtypSE1yGih4ke8bLWVhsiboQW03apt-1i-AvLbiZNZmirPEGhoh8zRhE%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ax_ww7BGtypSE1yGih4ke8bLWVhsiboQW03apt-1i-AvLbiZNZmirPEGhoh8zRhE%29
Date
Mon, 31 May 2021 01:39:01 GMT
Connection
close
X-TraceId
e4318f0013ec3612832c8954c807cf75
Content-Length
0
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=62f43c23-1aaf-4a3f-92a3-341a30628850
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=62f43c23-1aaf-4a3f-92a3-341a30628850
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 31 May 2021 01:38:59 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=62f43c23-1aaf-4a3f-92a3-341a30628850
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-b6a9b8cc-4da1-47a0-6b60-2696a5b4cee4$ip$89.249.64.171
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-b6a9b8cc-4da1-47a0-6b60-2696a5b4cee4$ip$89.249.64.171
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:39:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-b6a9b8cc-4da1-47a0-6b60-2696a5b4cee4$ip$89.249.64.171
Date
Mon, 31 May 2021 01:39:03 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-C_fsId9E2pfs5PhB3bJwtWu1E8tWa11rA4_S~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-C_fsId9E2pfs5PhB3bJwtWu1E8tWa11rA4_S~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 31 May 2021 01:38:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-C_fsId9E2pfs5PhB3bJwtWu1E8tWa11rA4_S~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=fadc799b-c1b0-11eb-aa26-957139fe0652
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=fadc799b-c1b0-11eb-aa26-957139fe0652
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:39:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=fadc799b-c1b0-11eb-aa26-957139fe0652
Date
Mon, 31 May 2021 01:39:03 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
fadc799c-c1b0-11eb-aa26-957139fe0652
services
sync.technoratimedia.com/ Frame 6042 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:39:03 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
864729794
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 6042 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:39:00 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_c656f75f-ec49-44fe-8c83-0e1e43441da4&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=plAJmFGj4q0LNHR9zaiU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24DMIFFG2RSHNI2HCMCMJZEFEOL2MFUVKJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=plAJmFGj4q0LNHR9zaiU&us_privacy=1---
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=plAJmFGj4q0LNHR9zaiU&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:39:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:39:03 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=plAJmFGj4q0LNHR9zaiU&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=bc35c2a7-1b4a-44c5-af68-68447f7df6da
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=bc35c2a7-1b4a-44c5-af68-68447f7df6da
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:39:02 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=bc35c2a7-1b4a-44c5-af68-68447f7df6da
date
Mon, 31 May 2021 01:39:02 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3363627944
  • https://sync.1rx.io/usersync/tradedesk/57284d1d-5fd4-4623-9a7b-431c93c67e98
  • https://sync.targeting.unrulymedia.com/csync/RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-91a7f0a6-762c-405e-bc0e-5e43dfcdbd81-003
date
Mon, 31 May 2021 01:38:59 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX91a7f0a6762c405ebc0e5e43dfcdbd81003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 6042
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=276cnmxHlV5b&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=276cnmxHlV5b&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:39:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=276cnmxHlV5b&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-555c8fd69d-7qzgs
expires
-1
sync
ads.servenobid.com/ Frame 6042 		0
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_c656f75f-ec49-44fe-8c83-0e1e43441da4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-172-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 May 2021 01:38:59 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
usersync
rtb.gumgum.com/ Frame 493E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=1b2260b4-3e33-4500-a777-7804d967d36d&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=1b2260b4-3e33-4500-a777-7804d967d36d&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=1b2260b4-3e33-4500-a777-7804d967d36d&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_c656f75f-ec49-44fe-8c83-0e1e43441da4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 31 May 2021 01:40:43 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3736 915c305 master cdg-pixel-x16
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=1b2260b4-3e33-4500-a777-7804d967d36d&gdpr=0&gdpr_consent=
Expires
Mon, 31 May 2021 01:40:42 GMT
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 954B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YLQ_NAABOA5WDwBg
85 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YLQ_NAABOA5WDwBg
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method
GET
:authority
sync-tm.everesttech.net
:scheme
https
:path
/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YLQ_NAABOA5WDwBg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
everest_g_v2=g_surferid~YLQ_NAABOE1WBQBg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Mon, 31 May 2021 01:39:00 GMT
via
1.1 varnish
age
112
x-served-by
cache-hhn4080-HHN
x-cache
HIT
x-cache-hits
200
x-timer
S1622425141.933343,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
85

Redirect headers

p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
set-cookie
everest_g_v2=g_surferid~YLQ_NAABOA5WDwBg; Path=/; Domain=.everesttech.net; Expires=Tue, 31-May-2022 01:39:00 GMT; Max-Age=31536000;SameSite=None;Secure
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YLQ_NAABOA5WDwBg
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Mon, 31 May 2021 01:39:00 GMT
via
1.1 varnish
x-served-by
cache-hhn4080-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1622425141.832826,VS0,VE93
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7759 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jNjU2Zjc1Zi1lYzQ5LTQ0ZmUtOGM4My0wZTFlNDM0NDFkYTQ=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV9jNjU2Zjc1Zi1lYzQ5LTQ0ZmUtOGM4My0wZTFlNDM0NDFkYTQ=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkpb83zOUNZR_A1uJwRoRp-LpvtqLHREhRZ2A8Mn8Q2HMByfARbRsC2fzyRIag; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Mon, 31 May 2021 01:38:59 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF57 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=33A20561-9671-4312-AAFA-7800C6761A6F; KRTBCOOKIE_1051=22884-18072662184062536680; PUBMDCID=3; KCCH=YES; chkChromeAb67Sec=1; DPSync3=1623628800%3A201_197_219%7C1622505600%3A174; SyncRTB3=1623628800%3A220_56_7_54_13_161_3_166_234_21_81_71_8_22%7C1623024000%3A15_2_223%7C1625011200%3A203%7C1623715200%3A35%7C1623283200%3A63; KRTBCOOKIE_1101=23040-6968262912217381009; SPugT=1622425139; KRTBCOOKIE_57=22776-1533053419439808255; PugT=1622425139; KRTBCOOKIE_80=22987-CAESEPtajlyFqj3YPL2tUZkP3b0&KRTB&16514-CAESEPtajlyFqj3YPL2tUZkP3b0&KRTB&23025-CAESEPtajlyFqj3YPL2tUZkP3b0; KRTBCOOKIE_153=19420-hI773YHbqtif3PyP0Yq03Irc_9GfifzZ1Iwh1W2N&KRTB&22979-hI773YHbqtif3PyP0Yq03Irc_9GfifzZ1Iwh1W2N
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

last-modified
Wed, 21 Oct 2020 18:57:29 GMT
etag
"1300708-1f78-5b232eb4914bb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2654
content-type
text/html; charset=UTF-8
cache-control
max-age=144420
expires
Tue, 01 Jun 2021 17:45:59 GMT
date
Mon, 31 May 2021 01:38:59 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame F5C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.24 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-110.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 31 May 2021 01:38:59 GMT
usersync
rtb.gumgum.com/ Frame E924
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=57284d1d-5fd4-4623-9a7b-431c93c67e98&t=1625017139
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=57284d1d-5fd4-4623-9a7b-431c93c67e98&t=1625017139
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=57284d1d-5fd4-4623-9a7b-431c93c67e98&t=1625017139
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_c656f75f-ec49-44fe-8c83-0e1e43441da4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 31 May 2021 01:38:59 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=57284d1d-5fd4-4623-9a7b-431c93c67e98&t=1625017139
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=57284d1d-5fd4-4623-9a7b-431c93c67e98; domain=.adsrvr.org; expires=Tue, 31-May-2022 01:38:59 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSACKAIyCwi2opiC8_fRORAFOAE.; domain=.adsrvr.org; expires=Tue, 31-May-2022 01:38:59 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 209D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Mon, 31 May 2021 01:39:02 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 51A7
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YLQ.N8Co5ssAACBVqPMAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YLQ.N8Co5ssAACBVqPMAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YLQ.N8Co5ssAACBVqPMAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 31 May 2021 01:39:03 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 31 May 2021 01:39:03 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YLQ.N8Co5ssAACBVqPMAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
1
X-SO-HostName
m-ad345.dc4p.scaleout.jp
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":25,"gdpr":true,"ipv4":"0.0.0.0","key":"YLQ.N8Co5ssAACBVqPMAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad345"}
X-SO-Key
YLQ.N8Co5ssAACBVqPMAAAAA
X-SO-IP
89.249.64.171
X-SO-Cluster-ID
25
X-SO-Upstream-ID
m-ad345
usersync
rtb.gumgum.com/ Frame 609D
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316020468957530
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871316020468957530
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871316020468957530
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_c656f75f-ec49-44fe-8c83-0e1e43441da4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 31 May 2021 01:38:59 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMjAxs7A0NTc1NhDiM9R1No1IdAx2S3fMDAyS4jU0MzIyMTI1NLY0NzcBADwF71Q0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 25 Jun 2022 01:38:59 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmRkYmRqaGxpYWR-ShyJb25uAgB3oHWBIAAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 25 Jun 2022 01:38:59 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMjAxs7A0NTc1NhDiM9R1No1IdAx2S3fMDAwCAKZnGNYlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871316020468957530
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 7FE4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=Obeu5kLKgKxX7AGr6lAD&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=Obeu5kLKgKxX7AGr6lAD&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=Obeu5kLKgKxX7AGr6lAD&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 31 May 2021 01:39:01 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 31 May 2021 01:39:01 GMT Mon, 31 May 2021 01:39:01 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=Obeu5kLKgKxX7AGr6lAD&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 97D0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=33A20561-9671-4312-AAFA-7800C6761A6F; KRTBCOOKIE_1051=22884-18072662184062536680; PUBMDCID=3; KCCH=YES; chkChromeAb67Sec=1; DPSync3=1623628800%3A201_197_219%7C1622505600%3A174; SyncRTB3=1623628800%3A220_56_7_54_13_161_3_166_234_21_81_71_8_22%7C1623024000%3A15_2_223%7C1625011200%3A203%7C1623715200%3A35%7C1623283200%3A63; KRTBCOOKIE_1101=23040-6968262912217381009; SPugT=1622425139; KRTBCOOKIE_57=22776-1533053419439808255; KRTBCOOKIE_80=22987-CAESEPtajlyFqj3YPL2tUZkP3b0&KRTB&16514-CAESEPtajlyFqj3YPL2tUZkP3b0&KRTB&23025-CAESEPtajlyFqj3YPL2tUZkP3b0; KRTBCOOKIE_153=19420-hI773YHbqtif3PyP0Yq03Irc_9GfifzZ1Iwh1W2N&KRTB&22979-hI773YHbqtif3PyP0Yq03Irc_9GfifzZ1Iwh1W2N; KRTBCOOKIE_27=16735-uid:1b2260b4-3e33-4500-a777-7804d967d36d&KRTB&16736-uid:1b2260b4-3e33-4500-a777-7804d967d36d&KRTB&23019-uid:1b2260b4-3e33-4500-a777-7804d967d36d&KRTB&23114-uid:1b2260b4-3e33-4500-a777-7804d967d36d; PugT=1622425138
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=161963
expires
Tue, 01 Jun 2021 22:38:22 GMT
date
Mon, 31 May 2021 01:38:59 GMT
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F88 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFac_J77LE1JjBO4JqqzGv_c_W0MWRBB_pZwK-wINAyhNMaQ5hd98CAsqpl0vlcQoDxONNkRbwekmwnJVby_0jjGOzAhBIEc2SXif7_ir1acBNCTgZ4md_mr0i0g&sai=AMfl-YR1uaUCAsZyvMRcXnOL7ZIhTEjFEY1eWoTIEKremYwfAYkzt0QFTg-LiTseVCjj4oNFBhIj6kwDGSk2wCadS1JwXsIeIkQg2aFsyqKHa553a2ptbFrQyNvuf983&sig=Cg0ArKJSzDDC3GqaXsa3EAE&cid=CAASF-RopyV3DNyX--rcc-pC8W6uog68WUob&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1791281496&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622425138225&dlt=606&rpt=28&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:38:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame D9AB 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f90e8f467b0f59e8afac1284f627783453c4b3ddf3d3bfb846d36157f30ce5

Request headers

Referer
https://ad4m.at/ad/dr?ed=1k6y18rzd9b8djxr3xn8vh4sq7eezrm2ny5hze0ffdm7fjvxnc41q697mada9y8zmnjpddfm7ch4rs9mabjwedpqrcg7tt0gn4j7qj6s98yhdtap639p9qntcy0d22016nzh653qecdcq4k8m18f3rr0smkr88sxkppvczy4drdcdphs4z0a41p1tnq1b9sbvx0y05r8xtfvyw0g2yh49k383y536a4wn42qmax03yxk70esct13x0hw6fxpqh6t1evh8k9zbk2m3tjygwv2eq79nhg4j3mdbbzzpk6htf2vxr5v6at0wm55qrtv9kztv4zwpmfh2f23vqjbyk495rn9em06pb72a3gbksrb76158r5bq4h867mec000&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%26client%3Dca-pub-3076479851646180%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 May 2021 01:38:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-rvz5
cf-request-id
0a61ac12f50000c26df18a8000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sbiEZB0G21E9dhzdDm7Jx5fG2Hqvy1U4m0UYXJtLhaMtmnASfVxWi3qMgctjYU8WO8ormcO2f4nmKmz19HwLQF5Kd6vQp0wZ2%2BKtJ9f4XUXHFUFUlVNQWH%2FLx3Yy8Auq"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
657c7c64bb54c26d-FRA
rar
as.ad4m.at/ad/ Frame C6AC 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21f623cfcdf22d8b19697a55f4477a927bfcc9b31dbc641b77f614f66ef8c61
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:39:00 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a61ac131000004a79761db000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657c7c64ecb84a79-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame C6AC 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:39:00 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1005672
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a61ac13350000c26de439f000000001
cf-ray
657c7c652b99c26d-FRA
expires
Mon, 31 May 2021 02:39:00 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame C6AC 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Mon, 31 May 2021 01:39:00 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
366000
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-Uwa0pHO7p2KwdWZ6A8ZHcFIkQUlgjPhsd8G8bqx4cWC-xpVXJrDEK-e_ZlHLKcIK4mqQ40q-IIwdNNX4JYmbgW8DGCfiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-request-id
0a61ac133700004a797f9f9000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WolKxRCTo9RL0%2Bg5OB71Q5bxHzIQTeVnRth2d9Gc%2B%2BwtERZjNxTEk6%2B5RebEwspdDZauiTZsgKbfHPRWC5AIgzld5UfwhJS0GmGyCvUX2%2BxfivqDzHgVyiBnUs9n%2FaZcH2jrs4mszA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Tue, 01 Jun 2021 01:39:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
657c7c652d094a79-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame C6AC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Mon, 31 May 2021 01:39:00 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
367204
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ABg5-UzGiRR4yimbWKfGJZpmBb7Y7HRFdwG_OsOerIJSuqRrvfrFIfTgIYrYfkjPNAsraqsGAdYkDRgmZq7_XAan-8Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1598
cf-request-id
0a61ac133600004a7924866000000001
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y2CCDMEh%2FVnvFnTBgckyWnyE1fjC55WIqO6shMWEtWmWjkFiX9H1Vsj%2F%2BSp7zGfb%2FkzoafDo3xAAcrM7EdyDl%2FXJa8mbWYhV68WAgjC9dd%2F0fqP5HNby%2FipN4Y%2BPuQJDaLW7Lk0YFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Tue, 01 Jun 2021 01:39:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
657c7c652d084a79-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame C6AC 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:39:00 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame C6AC 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Mon, 31 May 2021 01:39:00 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
368511
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
0a61ac133700004a797394b000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=saxsvaRSpFk%2FcHbRosX3B3hHjAFXCsFo63yRfTsLN9pnRDuUlSX%2B4MdTyY1eAPgeBvx4nth1iHn9c%2FEDyHNrS46QbAXa8mNLvgmqrfOkNMeyZis6ZG%2F6pOQL1B38MUkLk1iPSNKUcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Tue, 01 Jun 2021 01:39:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
657c7c652d0a4a79-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame C6AC 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Mon, 31 May 2021 01:39:00 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
369157
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UwkjW7D1NIP-SGMO0-kZ76TtZfUKrCHcFefqvfPhPmPd2kUA2JGX59C6myv_SM-svP_Kdq_okuTD9MVCpFHug
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
0a61ac133700004a79313f6000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=66bUS4r4yFb21Gj6zf9%2FIRzJDEjXuXHHpololHCVIQz%2FEKd3van6n55maYXFvQK0lsZmNYPrZllie0Y24fxHiSOxkvy2dwxXjLul9QzTvde2HQM7%2Fu7Au9FK1Jm6BBnnsmfjfn6c2g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Tue, 01 Jun 2021 01:39:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
657c7c652d0b4a79-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame C6AC 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:39:00 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame C6AC 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Mon, 31 May 2021 01:39:00 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
366304
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-UwEVnjd7dR3HhxvLjp_sWRKJYH0caMiuu_CyivY0DOCPBFePnJOMgFk4q-EOhBvW8wM7HavdGsiweoV4l2mI3KykCijyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
0a61ac133700004a79938ad000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WB1zvw1ifXOq5geAC3jFbVzgb%2Fd%2FUNxo6lhCag5qTqCYWOYIpjCEGsDBiBaoIB0sEy%2FjZW5f6CnylBeeo0Fys5oKxsXjHGOk7eCz6zQXDtUQ6Pt4F%2B%2B9Ea2jHv3YL0zsyVB9y%2FlROw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Tue, 01 Jun 2021 01:39:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
657c7c652d0c4a79-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame C6AC 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Mon, 31 May 2021 01:39:00 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
621693
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
0a61ac133700004a792b20a000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lHpITbxfjWG55iFkDRUSiON8lIwR%2F%2FmDMTqZiKirTsq4nbu%2BpQecaFqDeDwTiccDsll6k%2BC7UIvGdBpQEIg4g8s1D65lvZAg1NbwhZ6UidBozaTv1CNZWvTaOtbqfWn9T8Hag%2FLFoA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Tue, 01 Jun 2021 01:39:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
657c7c652d0d4a79-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame C6AC 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
dbb35e60a04295be4ee05e714c74e64aaa0803c381ea14633a7ad90b086476b7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:39:00 GMT
Last-Modified
Mon, 31 May 2021 01:39:00 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DD17 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWSoNwmZIw9SWAo8jndmVmLW02it2dNVDh3xtcle98r5vo8x0GCwWhXDi5fbQ-C4DPy0Kr812ifCLjPMuacEQyviLrNgjVQSgWcn4BTh0&sig=Cg0ArKJSzGArAtNoLd7_EAE&id=lidar2&mcvt=1000&p=202,1075,456,1375&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210526&bin=7&avms=nio&bs=1600,1200&mc=0.98&app=0&itpl=19&adk=636366603&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622425136751&dlt=0&rpt=1394&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:39:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame C6AC 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-110.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:01:46 GMT
via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:27:08 GMT
server
AmazonS3
age
34846
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
ZbW5V0gscPne3NrXUBg9ap5Nm1TrdrNmIpgbSFJtuvDkkhrvciLkIA==
hit
diapi.webgains.com/2.0/ Frame C6AC 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_0JNcNFxa1r.S9RdPQSzOy_Aw7UTlf_01kKHoNv_2U.0Y.KI0YZ_DK1civojoxbursZPuVr914VecL57GY5BNv_0TjV.33C&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221622425140%22%2C%22%22%2C%22%22%2C%22%22%2C%221777945140%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=21ace004fdb74e0a9166522a1d59ca8c&userIP=89.249.64.171&doAffectv=1&wgtime=1622425140
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 31 May 2021 01:39:00 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame C6AC 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid5kZuXfEfKWkaWC7HMt3tE3QabtktVjmoneid__webplexmedia_advancedad_Desktop_160x600&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=cc7b941a911fd444bb1067f5ab813810%2F13827517590247163533&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dgtxf30s88wbjmxbr4nr6xcxb60f8eyz47y6ck9mdm0jsk7j6dnw8zna9s32zjravs4j4pnznx2vn0h34qz02pas1v7nsab2egfh4qm05qftzh8ejtkr152q2kpn66cwre0nmrfe2wr7bhbjvasq4a8t2dvh11z963a3s5kj020cd2pbr7jzx6azznwgebckncnqjmdc831b57bwttsk17jnkkzvfc6jpzh56pf549mafad8rw5wxavy438%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLUM2MT60YOrDI5ePgAfIyaL4DZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA3NjQ3OTg1MTY0NjE4MKABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgTFAU_Q5cSVVzjXsB0mNhMMMyHlClNrws9IHKg-m50Snt2-_zBaZ27zsJpQpg4NoZP-hbWRYDyQ8cxB57LWy1jG1FigtXDlizW7toHGT9rS7-Lf2S0ypE6j2ocpfSqXE2aVZw8lpbg_oEU-Rcm774C6bYNIwC80NXdMaSDx14EQ2cQBIRBbSjKssblnzlcETiIHfB_2VJpra_fdZpGrrtic5yYb_7RqQVZfTG9qzsM3mnowgceVFLbbpm0DB5m74sN0XUxc4W8QgAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LQ8EGQDM4m8J6M9tu4OU-TUWtww%2526client%253Dca-pub-3076479851646180%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:39:00 GMT
Last-Modified
Mon, 31 May 2021 01:39:00 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fp_decode.html
track.webgains.com/ Frame C6AC 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_0JNcNI0_iLs2dI_AIQjvEodUW2vqCRc7L1eLY6Rhw.5B0KB5DHJtJ9XvjHzIqUfUXGfe2Rc7L1eWNNW5BNlYiJ4uy.1ed
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 31 May 2021 01:39:00 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
bounce
ib.adnxs.com/ Frame 940C
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:39:00 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.30:80
AN-X-Request-Uuid
83d77ca0-1d23-4997-9ab9-2f014f1d7579
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 May 2021 01:39:00 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.236:80
AN-X-Request-Uuid
f646d98b-9c2a-47af-a1ed-06dc89c27d97
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E74B 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstP_nsdifTBhJ1uyNDMQRQ_LdMwZhv473JujqkcFFBeKHW2sFDesftUCvxPhPIxfos9MVbEOi-i4PGczcyF_Fl5Tu08lNWFfIVYe2WOB-TNjqsJV9ZKfQEjR7qxIQ&sai=AMfl-YS4IVUvFIqL0EAEg5v-xl-jVB4KBcFFvMXwkuoAS1Pixm3Cv5E93gqUA4cqcsZt9BvUtqQvVt-NItS2qDKdHKlb7Af9a8CWfq1rNJz3wkZYDYOuDt0FYLYRlmcafIY&sig=Cg0ArKJSzGPcaVPNFkBjEAE&cid=CAASPeRoUO80_Zeb6SVFHbWBIUCj6S5_DYkeacX3ccF8YEZ-zs2xTy_rgzVK8yMVH5aGdZ0_LyD6tmtmWyOiMB4&id=ampim&o=0,0&d=550,450&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=2807&tls=3807&g=100&h=100&tt=3807&r=v&avms=ampa&adk=2864855696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailythanthi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 May 2021 01:39:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.209.181.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 31 May 2021 01:39:01 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame C6AC 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.181.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 May 2021 01:39:01 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame C6AC 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-110.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:01:51 GMT
via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
45431
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
aPQWcIean32QnXZL-21eu8BIBMiwL3Sh5rlsMFnB2mNAsq_EQJa3ww==
tag
w-it.m-t.io/ Frame C6AC 		18 B
205 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1622425141307
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 01:39:01 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
aec7881c67918b5a96663ef96bdc765e
cache-control
private
content-length
38
track
w-it.m-t.io/ Frame C6AC 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16224251403605_e828f45160&programId=12607&expiry=1777945140&acc=wg&scriptTag=&type=postview&indicator=e5ac9fe9715a5705db8acd899076e7ed&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
50dd8c5e738753fdeabf792c8c442ff3
server
Google Frontend
date
Mon, 31 May 2021 01:39:01 GMT
content-length
0
content-type
application/javascript;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLQ-MUq1VL7z6KwZcUWCnQAABI0AAAAB&google_gid=CAESEOF6mYFd0nM6wLV5owJbSsY&google_cver=1&google_push=AQvitUKqnrpuqKyuMvBu0rUL6d1T5WEHdzNoqx11XxIZR2K_lLIkWNcIcZKAVZSTjJP_DljOt2-y02ME2NCgh8hVWwXErIs77Q4MNw

Verdicts & Comments Add Verdict or Comment

450 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| googletag object| ggeac object| google_js_reporting_queue object| apstag object| _taboola function| fbq function| _fbq object| _izq object| container undefined| _izAlt object| _iz object| izConfig object| _comscore object| head object| script number| timestamp function| _izooto function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| google_measure_js_timing function| $ function| jQuery object| google object| adsbygoogle number| google_srt object| google_logging_queue object| google_ad_modifications object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error string| google_user_agent_client_hint undefined| elem_rwcorona_tagmanager_bottom undefined| elem_rwcorona_main_widget undefined| current_url_loc undefined| myScrollFuncUnify undefined| elem_rwcorona_close undefined| elem_rwcorona_background undefined| elem_rwcorona_close_2 undefined| elem_rwcorona_button_link undefined| element_big_iframe undefined| rwadx_mow_widget_coronavirus_iframe undefined| rwadx_mow_widget_trendingnews_iframe undefined| rwadx_mow_widget_voicesearch_iframe undefined| elem_rwcorona_close_script undefined| rwadx_mow_widget_advertisement undefined| elem_rwcorona_agent undefined| elem_coronawidget_title undefined| css undefined| htmlDiv object| TRC object| _tblConsole undefined| msg function| udm_ object| ns_p object| COMSCORE boolean| Loading function| ajaxHomeLoad function| ShowLoader function| HideLoader function| createCookie function| readCookie boolean| apstagLOADED object| jstiming string| google_input_tools_source object| closure_lm_666989 boolean| ita_icon_style string| spikejs object| body object| jQuery110206281361602923916 object| html5 object| Modernizr object| _atrk_opts object| _gaq function| fbAsyncInit function| ready number| mybotMultipleIconsEnabled string| botPosition number| mybotClickCountEnabled number| mybotCloseEnabled string| myBotMenuCustomTopText string| myBotMenuCustomTopTextCats string| mybotContextTitle string| mybotSearchKey string| mybotSearchcx number| mybotScrollFlag number| mybotScrollPixelHeight number| mybotIsBottomScrollDisapperEnabled number| mybotIsBottomScrollStartDisapperEnabled function| function1 function| function2 function| function3 function| function4 function| function5 function| function6 function| function7 function| function8 function| mybotCustomFunction function| loadAdCustom function| mybotampOpen function| mybotampClose function| mybotOpenOutSlider function| openNewsCategoryOutSlider function| moveSliderAuto function| setIntervalX number| mybotMatchEnabledFlag number| mybotMatchEnabled string| mybotloadCricWidgetScript object| mybotMatchTimestamps number| mybotMultipleIconsDynamicEnabled number| mybotspecialEvent string| mybotMultiIconName string| mybotMultiIconType number| mybotMultiIconNumber number| mybotProfileheight number| mybotMultipleIconsStartepoch number| mybotMultipleIconsEndepoch number| mybotLoadAdDefault number| mybotAuthEnabled string| mybotClickLocation string| mybotLang string| mybottlang string| botSearchDisplayText string| botSearchDisplayTextNF string| botSearchPlaceholder number| mybotOutSliderEnabled number| mybotScrollStartFlag number| mybotScrollStartPixelHeight number| mybotMobileTopPlacement number| imageSearchExp number| mybotSearchTitleField number| mybotampEnabled string| mybotlinkAppend string| mybotCat1 string| mybotCat2 string| mybotCat3 string| mybotCat4 string| mybotCat5 string| mybotCat6 string| mybotCatMore string| mybotGACode string| mybotadSmall string| mybotBundle1 string| mybotBundle2 string| mybotadIn string| mybotgabywa string| mybotClosevar string| mybotCloseInVar string| mybotFace string| mybotFaceOpen object| articles object| desc object| links boolean| botAdInFlag string| AUTH_TOKEN boolean| mybotDragClick undefined| botsite undefined| botCloseAuto number| catFlag number| adInSmallCounter number| slideNo number| searchFlag number| botSearchBottom function| placeBotAndAd function| callOnDocumentReady function| mybotStart function| mybotSliderAddEvents function| getTouches function| handleTouchStart function| handleTouchMove function| mybotScrollStart function| mybotScrollEnd function| mybotClickCount function| function10 function| botPic function| mobileTopPlacement function| adDesktopTopPlacement function| loadAd function| show function| hide function| toggle function| scrollToMyBot function| botTranslate function| botTransliterateText function| botProfane function| mybotCategoryClickCount function| botSearchEventList function| botSearchQuery function| changeNewsCategories function| updateAuthToken function| openBotMenuCustom function| botSearchWrapperAppend function| openBotMenuMore function| openBotNewsHeadWrapper function| openloader function| closeloader function| mobileCheck function| firstOpenBot function| firstCloseBot function| openNewsCategoryWise function| dragElement function| addShare function| addReaction function| copyToClipboard function| moveArticlesLeft function| moveArticlesRight function| closeSlide function| mybotArticleSameTab function| mybotSearchStore function| mybotloadCrnWidget function| mybotloadCricWidget function| mybotClickOnBotIcon function| mybotLoadFbSDK function| mybotLoginFb function| mybotLogOutFb function| mybotFbTokenToServer function| mybotFbCheckLogin function| mybotFbDetails function| mybotFbDetailsFromServer function| mybotFbCodeFromServer function| mybotDisplayQuiz function| mybotIsLoggedIn function| mybotQuizLoadRules function| mybotShowLoginScreen function| mybotQuizStart function| mybotSetUserName function| mybotShowNextQuizQuestion function| mybotSendQuizAnswersToServer function| mybotShowScore function| mybotShowLeaderboard function| mybotOpenBotStart function| mybotQuizStartPrep function| mybotQuizloginPhonenumber function| mybotQuizloginPhoneSubmit function| mybotClickCountPlayQuiz function| mybotClickCountFblogin function| mybotClickCountStartQuiz number| currentTS object| el string| url object| s object| google_persistent_state_async object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id object| gaGlobal function| google_sa_impl object| __google_ad_urls number| google_global_correlator boolean| _gfp_p_ object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| google_image_requests object| FB string| mybottargetboturl string| mybotStatAPI number| mybotStartHour number| mybotEndHour string| botPoweredBrand number| mybotIsScrollupDisapperEnabled number| mobileTopPixel number| mybotStateData string| mybotStateName string| mybotadSmallH number| mybotBlockedPagesFlag string| mybotBlockedUrl string| mybotBlockedClientName string| mybotTopBarContent string| mybotBottomBarContent string| mybotFace1Content string| mybotFace2Content string| mybotFace3Content string| mybotFace4Content string| mybotFace5Content string| mybotFace6Content undefined| mybotDataSet1 undefined| mybotDataSet2 number| mybotSequenceIndex number| mybotSequenceIndexStart number| mybotIsMatchLive number| botInsideFlag undefined| mybotCloseTriggeredFlag number| mybotDragElementFlag string| boturl function| formatDate function| formatTime function| putData function| getScore function| runSequence function| capitalizeFLetter function| mybotloadNewsbotWidget function| mybotloadCricWidgetCrn string| urlToCheck object| _gat function| atrk boolean| _atrk_fired string| adgsrvrUrl number| totalArticleCount object| NativeAdPos boolean| spikeResponse boolean| homePageNativAds boolean| isMobile object| AdgebraSpikeAds object| HPNADivArr boolean| isHomePage function| adg_getSpikeURLParam string| NativeSpikeArticles string| dfp_flag string| urls string| urlprotocol string| Fixeddomain undefined| urlcheck string| spikeServletUrl string| device function| getSpikeadgCurrentDayId string| personalizedspikeServletUrl function| getCurrentHrId function| getMetaTitleContentkeys function| reShuffleArticle object| spikeDiv function| callback_spike function| imageErrorHandler function| callback_spike_9 function| callback_spike_personalized function| callback_spike_12 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| oldScript object| attr function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT number| REFRESH_TIMEOUT object| mappings string| GEO_CODE object| div_1_sizes object| ubpbjs function| initAdserver function| googleDefine function| googlePush boolean| botmanCalled string| userStatusBM function| callBotman function| callAdsUB function| callAPSAds function| refreshBid function| ub_checkAdRendered function| mainHbRun object| adUnits object| ub_slot1 object| gaplugins object| gaData function| ubpbjsChunk object| _ubpbjsGlobals string| nobidVersion object| nobid object| Criteo object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| ub_slotNum string| adId1 object| e9PageData object| dataSet object| mybotStatedata string| state_cases string| state_recovered string| state_death string| state_name string| x string| world_cases string| world_recovered string| country_cases string| country_recovered string| country_name object| criteo_pubtag object| criteo_pubtag_prebid_108 object| Criteo_prebid_108

18 Cookies

Domain/Path Name / Value
www.dailythanthi.com/ Name: ucf_uid
Value: ca996016-424f-4bc2-aa5c-2b38bfe9b8d0
www.dailythanthi.com/ Name: id5id.1st_last
Value: Mon%2C%2031%20May%202021%2001%3A38%3A56%20GMT
www.dailythanthi.com/ Name: id5id.1st
Value: %7B%22created_at%22%3A%222021-05-31T01%3A38%3A51.324437Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.dailythanthi.com/ Name: _ga
Value: GA1.2.911410119.1622425136
.dailythanthi.com/ Name: __gads
Value: ID=c15c5e7fd1b40a52-227224a54dc8007f:T=1622425135:RT=1622425135:S=ALNI_MZ-iqcjq-gqZP2h2WtNRHME3lHRhA
.dailythanthi.com/ Name: __auc
Value: 9918385e179c012eb7195badd1b
www.dailythanthi.com/ Name: _ubpbjs_userid_consent_data
Value: 3524755945110770
.dailythanthi.com/ Name: __utmb
Value: 242132759.1.10.1622425136
.dailythanthi.com/ Name: _gid
Value: GA1.2.370178480.1622425136
.dailythanthi.com/ Name: __utma
Value: 242132759.911410119.1622425136.1622425136.1622425136.1
.dailythanthi.com/ Name: _gat_gtag_UA_141787416_1
Value: 1
.dailythanthi.com/ Name: __utmt
Value: 1
.dailythanthi.com/ Name: __utmc
Value: 242132759
.dailythanthi.com/ Name: __asc
Value: 9918385e179c012eb7195badd1b
.dailythanthi.com/ Name: __utmz
Value: 242132759.1622425136.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.dailythanthi.com/ Name: _fbp
Value: fb.1.1622425135946.1413972291
.doubleclick.net/ Name: IDE
Value: AHWqTUkpb83zOUNZR_A1uJwRoRp-LpvtqLHREhRZ2A8Mn8Q2HMByfARbRsC2fzyRIag
www.dailythanthi.com/ Name: lazycookie
Value: yes

6 Console Messages

Source Level URL
Text
console-api error URL: https://www.google.com/jsapi(Line 139)
Message:
Loading "elements" other than "inputtools" is unsupported.
console-api warning URL: https://www.google.com/jsapi(Line 139)
Message:
Loading "elements" with the jsapi loader is deprecated. Please load [object Object] directly.
console-api info URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2104130153000 https://www.dailythanthi.com/
console-api info URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2104130153000 https://www.dailythanthi.com/
console-api info URL: https://cdn.ampproject.org/rtv/012104130153000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2104130153000 https://www.dailythanthi.com/
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3177363cb3f4f6203a894876a9c99928.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad4m.at
ad4mat.net
adgebra.co.in
ads.creative-serving.com
ads.pubmatic.com
ads.rwadx.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics-wg.webgains.io
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.aralego.net
cdn.izooto.com
cdn.jsdelivr.net
cdn.taboola.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
covidapi.unibots.in
cpm.fmlabsonline.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cse.google.com
csync.loopme.me
d.agkn.com
d5p.de17a.com
diapi.webgains.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.dailythanthi.com
jadserve.postrelease.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.33across.com
pixel.advertising.com
pixel.everesttech.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pro.ip-api.com
prod-rtb.ad4mat.net
public-prod-dspcookiematching.dmxleo.com
public.servenobid.com
pubmatic-match.dotomi.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.gumgum.com
rtb.openx.net
s.tribalfusion.com
sb.scorecardresearch.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.google-analytics.com
ssl.gstatic.com
stags.bluekai.com
static-de.ad4mat.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.1rx.io
tags.bluekai.com
tags.expo9.exponential.com
tg.socdm.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
w-it.m-t.io
www.awin1.com
www.dailythanthi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net
104.111.239.217
104.17.119.107
13.226.158.204
13.226.159.110
13.226.159.21
13.226.159.25
13.226.159.88
13.227.156.91
142.250.181.226
142.250.186.98
146.59.148.16
150.136.156.92
151.101.113.108
151.101.114.49
154.59.122.79
159.253.128.188
162.55.6.213
169.197.150.7
172.105.34.228
178.250.2.131
178.250.2.151
178.62.202.251
18.156.0.31
18.185.140.232
18.185.206.125
18.194.175.178
18.195.155.181
18.198.69.109
185.183.112.155
185.184.8.65
185.29.135.226
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.86.137.121
185.94.180.125
192.96.200.41
193.0.160.128
198.148.27.140
199.232.137.44
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
202.241.208.100
213.155.156.184
213.19.147.42
213.19.147.44
216.52.2.19
217.182.200.20
23.22.239.72
23.45.99.241
2600:1901:0:76b9::
2600:9000:2182:d200:1e:a43d:b640:93a1
2606:4700:20::681a:ad1
2606:4700:20::ac43:47fe
2606:4700:3032::ac43:aa7a
2606:4700::6810:5f41
2606:4700::6812:417
2606:4700::6812:c05
2606:4700::6812:d6b
2606:4700::6812:d841
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:bdf::67
2a00:1288:110:c305::8000
2a00:1450:4001:803::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2013
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9a
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:29c::3975
2a02:26f0:6c00:2b8::3975
2a02:fa8:8806:20::2040
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
2a05:d01c:1d8:8102:5af6:b07b:462f:23c8
3.126.63.176
3.127.51.194
34.120.25.144
34.246.227.69
34.98.64.218
35.156.10.121
35.227.252.103
35.244.174.68
37.157.2.237
37.252.172.249
37.252.173.27
46.236.13.147
51.38.120.206
51.77.64.70
52.203.172.63
52.209.181.46
52.48.248.240
52.56.111.113
54.171.232.254
54.213.1.67
54.246.13.173
54.246.172.223
54.36.109.22
54.77.19.59
54.87.192.123
67.202.110.24
69.173.144.138
70.42.32.127
70.42.32.63
76.223.111.131
77.245.57.72
81.29.72.47
85.114.159.93
88.214.206.247
018ebd8a1ce51b1b47a9470603ce8a7ccdad7c2a19618c2fcf2cdb51400a35bc
03627f4635f87f53871152068973ce0b44d4b9ef3d19c1e3fb38d3df0f5f97cc
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d5135164cf7ce56902eefb2a0e6489574b843dccf3675b26dbef2eadb6da0e
079fbf03f6bfa5f27a9de1beba133d2f5866b6b41c104a20f6cbf879b00bef1b
07cdc140e30f20b58b03425ca18ecfb5b1cd4485cf25de4a9bfbf5d976ba9116
08a1a1212c385bd6505b1b3a4af0a643fdb3ba11d6d514651989a3489624a459
09c702b2b9951f3e21f47dce2acf73162552fe6f279d5fdfe10b256dba6996d3
0aaa9914142534fa6c2ab10ce5eb0977d18578e58254df51e93ce6c844ed36e9
0b5c402ad190166553b2223b2ce9705cef2c189f947dcb3b99999380660964b9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b92732da0de24ce3f182957b0eeaecaf64eb49756b0b61d824435ad79a1c69b
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cc14ed6f06919fc4834b3afbe8be59e7c0056da15719b72a5d9d1f3413cb46a
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11826d1d85e232793ae2aaef5ab3888af820470b27a3334436a5b01ac6552c78
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
140bfe8d8b61a40add52f67523988f8c2e7da7b947f6f572fc15bcab07d45d52
167a23632603bd0e0b2175e523a0b9ffbc5073baa3074d40806102b56f155422
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18fd800875ed94f001d071fade3347ffc99922c70ba3245bf374cd95c2b2c065
1b28b59d60d342cf81dcd70216fa1ed427edd5510ea86db6c8a6153c10171c0e
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1be144e8736f2ebcbfeb43f95f18e12cc326704004b13ac6730ee2158d8abeb2
1bea837fb0239c48280e1db00907ec8cb3cb1c07a83be8a32658efa9cb0b7948
1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e19b5711b6ea27004804aedc80c0285e7032e53d50bcb38f2f2bb6a8799f6f1
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1ea9552da752900d3b9048671160897153fa1103a3d04d5ddcc72a2051a0a008
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20e4410e4a45e0deeac3716dbb7c6fc6ac15b890deeb343031a00fa69791e63a
2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
249e6f18e8677a7aea636037aa28c2d830c058dfc13b06d3021b440d9b289d6d
262ff44b33fbc5dfd8f3c4a1c3ca2eb58890908dd729cfa7031833ce135d8dc4
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5087dba65e2017d202398c20f4038012891c825d6473b2414e3e0a1c6e0e4f
2f2f2caed1d5b59c9acfbb35c443996e0cd20aa003ef9d76f317e0e17ee35f68
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
37191f21e3dd1db20898df836eb549dff1a8969082852e8538a25a72e99e639c
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3911394a7505716f85e47dfade77c4a774cf59256aa8b61e974addbde23774eb
3bafdbc50f1eab55b0c2858ff6a49c492bc8dabf828842fb9537f9fd974e2911
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4a0c3bc97048555f0c3ded3e29bb9a9b0e67587fc5a6195d7b6a0d06cf07f6
405ce86a65d6a6777a3f5b4aba4ead76232a1108eda6d5b6831be7b06a8efba8
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
497b72c15a5b6d121a7eb81e018ce1b269727da364fae965ae1b5d5cfb17e9a8
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a7562f5d27f6ca79e334ba1594a63b2f8af0b158be29818facbe4b6a022aba0
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
4d0359a684b02f214b941218c17707315e7f4df1f9c3b88a90b912e3cea13bf4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcf14d1c6064c93842d04dac0992db3a6629efbfe5bd0d5d5d78e8bcee4dd0e
50a10bf2f804ce11fd057f47a500ff9ffba2c0bd44f7ab938cbf808cee2df614
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5408c3a998bd5a6e7cada091ad4dce4d1821dc42d39479717f38e2061aa54e0c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
551f29b41ba5aeed8a927c18698b6bcefdbd1f420462429c835b853718450ddd
56a1ba10c485141ac0076151cf5813479c56c7fc0f98ec0defd9e210453dc226
5a0fee3e8342107a5e05a0e4be8a1b24ca3c330d3c378dd5c0dad0c3f84cdf31
5a786666c740c398334ab39ea8fa5ee402f03e984704326b5e4803731bc86174
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f79098407a254c69cf91e18b9b48e4f90aa42d7b31f27980ec12efe02b2549d
618d4c057d27a55da0cd6b8f680408cf117333207027af6b79cd395ff16e4315
61cd6b8219f6cc7f2a6f6640e246a0ab1a0890aff678ec2abcba309e3173dac0
62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab
62efbff3aefac0461bce65c59038dc2c35b96b9639f490fd90a1b135b045af39
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
64c4c7678d137cd044edc23f64115c2fa200bf63b92a820188103368dfb2fe51
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6675951ceddcb0ffc137886e2c535a89a61c6fb0750fbec273e0c27094ef48e9
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
695ba1400e04815db482d2363c5564180dff11d6c064c069982fcc449efaf627
699e4ad68a743c6fd6c4100da962aebddfc79b7a00694d22b57a3015b4362a11
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6489a7d04f10c1a0342b15616350774cb7fbe16e98341d13bde9ff539b7c51
6d0e90a0aaa5c6a9dfae5f91df2e379681f1cd63e4bac6a611b68f460fbbb1e1
6fddca13b15b6866d34a3c6995d1de73b27bcbf42aea81e733b4a4ef5dae0759
70fb5b750bcc624f3cb53fd4d2ac4eaf5581f13ec774a5dffe58b6f711ab9a36
712d9c100db30d19ed8af6225014ba16da41942c6d38266b2c0ec787ad5c51f3
71f79e9a0ba2168a40392fde46e32cc3d042f8f910a6ca881cdebdefb25667f4
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74f90e8f467b0f59e8afac1284f627783453c4b3ddf3d3bfb846d36157f30ce5
75eba5e26e9d1c58c9a0980f328ed0a65c6e0da9427cbe108b4511bf89bd328a
7842e513fad787187505db4d6d1a2afaf947c7d76b30032013acb8fad99b9a0b
7967e0c909794a90a56774c3ffa38cfe0b50e410f70b6839c5072f8565fc4731
79a16b036117afa1ad12d18bdad714b3a29a17c7d95e4208946fcca3a782448e
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
7e69652b49165e54215884b45e6b0541d484f23a9fa9094e5b9d18d02dc71f75
7f2a68c0da6662a33f2ffff7a5a64a9f043038519e1e10195f257112e366d550
7fc39943077a29a169ac13eed2390b652207ab8c248abca2fa560c1c1a62d17d
7fcfcd553cfa4d7d8fdeafd07bc83c647bea4b5007ebf0ef1899e7acc361f909
80961ae07786f126d8435a35c029db649671bcffef0c3aaf1dfab9bda02846b9
8289c3974ca954c234c560d7176ba3679afe76f0a65f1adf63503adb15351951
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bad5922766a731b11cc37af0a6209ffb569f515f54a3dccf75dc8dc7ffba17
842c872b3898f5b0e7d31292eebc5442195611e262f59bae3e7d5b63c507e00d
84a62de3fe27c1a39c8a0551b639f3f2dbe12fdc55db6b6ebd9bcef0ab7c26f1
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
85d6300fc6a0ccecce0198517298ba81e159c64a3e1def0ebea315bcc84444fe
85d81a095f83dd52af94c0e690a76c449c27a73d64ef470a297201ec968e3a80
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cdfd2bc8fb21a0aa613e299151fcb6e7d7d3563be70785b1ca6cfda81ace714
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
8ee6450e6b9dc01b9ea841e7469c5fed6ee2ad520dfd9cef2a0c303bc7748882
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
944683c22bac4fb0782048616bdac89229039afa4d41dae6ed947ada18d9a93a
95f2122a0fdeb006bdf1b752aeb4444e5dd48c5288029cee224e4c439dfa8d13
969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8
969cdbbbd2d0e1faa7f9905eba9ed8956ab71fc29d53ea5477a6dab1c84df1d7
96c54271a37e46dec962e4ccba5f2c2cb583ada48a4d87d79bdaf01017753170
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
984ced057d59f564ff6b738c686bc337edc7ae57fb4fe61e3f7de1463bb0d921
987f9e588458e94c96a5c11685861685a7e0b88bf3887c46f3b26383e02ffc86
99f9f022ce88d23a3e7e86bfc85afcd516e8fc8c0019cf26b4bd83cff0858c24
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06c938258f2d43c3803130d9eaf3a8a231236a3d8a4c13cd17872a880f3fee4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12af3b3e8782c3af3ee41dd885a9ecd9e012712a12539d65dc61d77fa92419f
a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf
a21f623cfcdf22d8b19697a55f4477a927bfcc9b31dbc641b77f614f66ef8c61
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2b7c7cc08ce57578d831f83eed44cdf9424055b1d69b30c18eff2f5ee5b4735
a31a63105c78f736853702b5693e8388a960a33209e069b3f244f8b6212c42cb
a3ebacc26a1c3835f2df5c64c5ee68cf37e5fbc2617eee3fb2b5a6f4d0b24825
a4565ffdee4abefba6e408c9ac766d95327d28e859c6714c24bed26c3301dbb7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b2aacda5fca45c16c798de5756e520603ff8b2f50d1ffd24ac9f8250abbc6e
a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28
a8143c07cb6ce244f2dcac5fdb46c47b8065b760c9bb5cb2076d8398bafb1f04
a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae
aaa6689b1e50b7b7bef756a69b61cf86aa19c9d0b11ba6fff2c4db76a5f70eee
ab64b473a6f900a8278e8b2058930c7007fffe55526a313629d2311880c7c5a0
aca229cdda37de6f83a11b4c31989ae0e4d66b0794827834c39291f3aae42b41
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b
b0a6e3bcd733ba59a884f971da28382eb75975633a51d42497cc65db35240180
b3dc81463d28ff87ef6db31a66984c0546c7528d6af87e349cd8b2e69cd75071
b8e30981f7343ffb515df3b0cf0f1beaf42d5e4237caff00e22d3cc71ac2698f
ba48b71748bccc746a04e845f1baa4800cd7defe9fa29b9d546711cecc23a347
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a
c323e7b251b93ff3f48b5bd378197a019bf2234aa0d12fa6a419d93457a265ba
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
c812ddc9e475d3e65d68a6b3b589ce598a2a5babb7afc55477d59215c4a38a40
c888181a33972580a293f93de0dc3ca3f95628d604f76e58b8e3dc5987a3714c
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca37539556bc63b7dee5a085a1784418eb0f7cb7d6b4718983de69d045a5126d
cb242e1ac9a8fa9dc5f95787f0d1a78dd6de230bd64d3d4ce68da9fd5b67ac80
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbcf6f2b7dc03fb7c4fa16ed987493dc7334e235956fdf4ac64a7e3832bcc63
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d2d0ca1038a449a5383baf378652993e988ead0b02654c396516bf87c6901308
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d6fab80ead833288e7c082145efe2794c6f3eca9317a996c798c17c49ff4b4d1
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
d732fb68e5633f33e404ac69aa8b488b6e41c4dd564dd8d9581d6f5db4ef1511
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbb35e60a04295be4ee05e714c74e64aaa0803c381ea14633a7ad90b086476b7
dccf695fa13de70f9739f90bd4021c00d0a608d4ed9741b2067a7a086c37c2d7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddf8fba08ed7e0474b362127ddde6aca01cb043bc751223e216e820a8c52e75e
de2a7f6d0a25415d7065e9473e0152d17639d2b4cc9e630ec456cc5503886fcf
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7132b05538435de304aba8ccdd5da38d092dc18efb9521a91baa9c63b57e30f
e7a2310c9154f19eedb82407f74c1a145730de64287ee9e23303cabea3245ac2
eaec0883e585409eb364fa1733a39a56adac6c734aec14f22bd1409cc54a82aa
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdde317b774ed03a69918bb931553608881c84987ce79e68c7f9d32d6138a96
f1d3290f08e41c706ef1d1e68a21b639de864f7919d4d241ae7413e8b27341bc
f3b4d2b0ace9d7302cec8a8ad629450eef7adb9cf69cb9bf7ce0c5759911c7b3
f7bed59fa65bab09685c68630bcb0a298c1d572dbaf35f308b77cded7a59b7e1
f90dbf1b6c133709d9e77404ed79ddba9196a30e587d940df7c21e937998ed44
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
fa57aadd60b7ab6635842a44dfe10c67205549d67cc4f521ba112cc3cb147d15
fa8e4727947326d0a95b8b59ee2dc2a2b8513d07012690f042ccc581c869a8c0
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc18979baf0eec863f316321b7bb34bc3f1005723d07dd7124abc7c0d3b7617f
fdcc617bcdca234f00e8841c6fde4aea213dfb0db62203c57976a63979827943
ffeb800501341f13f449958cfec604cc8b5135cc888ecebb44b23932df956a3e