URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Submission: On January 05 via manual from US

Summary

This website contacted 29 IPs in 7 countries across 36 domains to perform 68 HTTP transactions. The main IP is 81.171.25.243, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is www.afterdawn.com.
This is the only time www.afterdawn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 81.171.25.243 60781 (LEASEWEB-...)
14 195.181.174.7 60068 (CDN77)
2 2a00:1450:400... 15169 (GOOGLE)
4 34.249.51.231 16509 (AMAZON-02)
2 81.171.25.242 60781 (LEASEWEB-...)
1 54.192.131.56 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2.21.246.10 20940 (AKAMAI-ASN1)
1 54.240.184.219 16509 (AMAZON-02)
1 52.94.218.7 16509 (AMAZON-02)
1 3 2.21.246.91 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
11 52.17.204.197 16509 (AMAZON-02)
1 1 52.19.190.60 16509 (AMAZON-02)
4 172.217.18.162 15169 (GOOGLE)
1 95.172.94.55 15570 (Internap ...)
3 3 35.187.29.235 15169 (GOOGLE)
1 1 216.58.207.34 15169 (GOOGLE)
1 1 173.241.240.143 36089 (OPENX-AS1)
1 2 34.233.214.145 14618 (AMAZON-AES)
4 4 184.169.177.13 16509 (AMAZON-02)
1 1 52.58.201.177 16509 (AMAZON-02)
1 1 151.101.114.2 54113 (FASTLY)
2 2 151.101.114.49 54113 (FASTLY)
1 74.117.199.102 2762 (ADIFY-1)
1 1 151.101.112.166 54113 (FASTLY)
1 2 52.48.166.254 16509 (AMAZON-02)
1 1 8.41.222.241 26120 (RHYTHMONE)
1 1 23.92.190.69 10913 (INTERNAP-BLK)
1 1 37.252.172.12 29990 (ASN-APPNEXUS)
1 1 185.29.135.233 30419 (MEDIAMATH...)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.111.232.108 20940 (AKAMAI-ASN1)
1 2.21.246.11 20940 (AKAMAI-ASN1)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 151.101.114.110 54113 (FASTLY)
1 162.247.242.21 23467 (NEWRELIC-...)
68 29
Apex Domain
Subdomains
Transfer
14 afterdawn.fi
cdn.afterdawn.fi
cdn2.afterdawn.fi
cdn1.afterdawn.fi
cdn0.afterdawn.fi
cdn3.afterdawn.fi
12 sonobi.com
sync.go.sonobi.com
purch-sync.go.sonobi.com
876 B
5 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
559 B
5 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 adsrvr.org
match.adsrvr.org
3 KB
4 servebom.com
ads.servebom.com
3 bidswitch.net
x.bidswitch.net
2 KB
3 google.com
adservice.google.com
apis.google.com
3 google-analytics.com
www.google-analytics.com
3 scorecardresearch.com
b.scorecardresearch.com
727 B
3 afterdawn.com
www.afterdawn.com
stuff.afterdawn.com
2 rubiconproject.com
assets.rubiconproject.com
pixel-us-east.rubiconproject.com
507 B
2 demdex.net
dpm.demdex.net
615 B
2 taboola.com
trc.taboola.com
match.taboola.com
1 KB
2 rkdms.com
mid.rkdms.com
574 B
2 amazon-adsystem.com
c.amazon-adsystem.com
aax.amazon-adsystem.com
2 quantserve.com
edge.quantserve.com
pixel.quantserve.com
2 googleapis.com
ajax.googleapis.com
1 nr-data.net
bam.nr-data.net
1 newrelic.com
js-agent.newrelic.com
1 bkrtx.com
tags.bkrtx.com
1 facebook.com
www.facebook.com
1 mathtag.com
sync.mathtag.com
460 B
1 adnxs.com
ib.adnxs.com
916 B
1 lijit.com
ap.lijit.com
396 B
1 rhythmxchange.com
sync.rhythmxchange.com
533 B
1 contextweb.com
bh.contextweb.com
797 B
1 afy11.net
ad.afy11.net
1 basebanner.com
match.basebanner.com
708 B
1 3lift.com
eb2.3lift.com
480 B
1 openx.net
us-u.openx.net
440 B
1 facebook.net
connect.facebook.net
1 quantcount.com
rules.quantcount.com
1 google.de
adservice.google.de
1 googletagservices.com
www.googletagservices.com
1 deliverybundlessign.com
js.deliverybundlessign.com
68 36
Domain Requested by
11 sync.go.sonobi.com ads.servebom.com
www.afterdawn.com
5 cdn1.afterdawn.fi www.afterdawn.com
pagead2.googlesyndication.com
ajax.googleapis.com
5 cdn.afterdawn.fi www.afterdawn.com
4 match.adsrvr.org 4 redirects
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
4 pagead2.googlesyndication.com www.afterdawn.com
pagead2.googlesyndication.com
4 ads.servebom.com www.afterdawn.com
ads.servebom.com
3 x.bidswitch.net 3 redirects
3 www.google-analytics.com www.afterdawn.com
3 b.scorecardresearch.com 1 redirects www.afterdawn.com
2 dpm.demdex.net 1 redirects www.afterdawn.com
2 mid.rkdms.com 1 redirects www.afterdawn.com
2 apis.google.com www.afterdawn.com
apis.google.com
2 cdn2.afterdawn.fi www.afterdawn.com
2 stuff.afterdawn.com www.afterdawn.com
2 ajax.googleapis.com www.afterdawn.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.afterdawn.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 assets.rubiconproject.com ads.servebom.com
1 tags.bkrtx.com ads.servebom.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 www.facebook.com www.afterdawn.com
1 sync.mathtag.com 1 redirects
1 ib.adnxs.com 1 redirects
1 ap.lijit.com 1 redirects
1 sync.rhythmxchange.com 1 redirects
1 bh.contextweb.com 1 redirects
1 ad.afy11.net www.afterdawn.com
1 match.basebanner.com 1 redirects
1 match.taboola.com 1 redirects
1 trc.taboola.com 1 redirects
1 eb2.3lift.com 1 redirects
1 us-u.openx.net 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 pixel.quantserve.com www.afterdawn.com
1 purch-sync.go.sonobi.com 1 redirects
1 connect.facebook.net www.afterdawn.com
1 rules.quantcount.com edge.quantserve.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 cdn3.afterdawn.fi www.afterdawn.com
1 cdn0.afterdawn.fi www.afterdawn.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 www.googletagservices.com ads.servebom.com
1 c.amazon-adsystem.com ads.servebom.com
1 edge.quantserve.com www.afterdawn.com
1 js.deliverybundlessign.com www.afterdawn.com
1 www.afterdawn.com
68 49
Subject Issuer Validity Valid
1992299737.rsc.cdn77.org
Let's Encrypt Authority X3
2017-11-29 -
2018-02-27
3 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2017-11-29 -
2018-02-21
3 months crt.sh
*.google.com
Google Internet Authority G2
2017-11-29 -
2018-02-21
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2017-11-29 -
2018-02-21
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2016-12-09 -
2018-01-25
a year crt.sh
*.apis.google.com
Google Internet Authority G3
2017-12-13 -
2018-03-07
3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2017-12-12 -
2018-05-04
5 months crt.sh
*.nr-data.net
GeoTrust SSL CA - G3
2017-07-18 -
2018-03-17
8 months crt.sh

This page contains 2 frames:

Primary Page: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Frame ID: (1C57629582D9438439C741B156B2E955)
Requests: 69 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180102/r20170110/show_ads_impl.js
Frame ID: (CB3A31B03E083FC155AD38388E7056)
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /.*Varnish/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

68
Requests

32 %
HTTPS

21 %
IPv6

36
Domains

49
Subdomains

29
IPs

7
Countries

0 kB
Transfer

2043 kB
Size

80
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 33
  • http://b.scorecardresearch.com/b?c1=2&c2=7517132&ns__t=1515187002806&ns_c=windows-1252&cv=3.1&c8=Downloading%20SharePod%20v3.9.9...&c7=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&c9= HTTP 302
  • http://b.scorecardresearch.com/b2?c1=2&c2=7517132&ns__t=1515187002806&ns_c=windows-1252&cv=3.1&c8=Downloading%20SharePod%20v3.9.9...&c7=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&c9=
Request Chain 34
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1218161212&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloading%20SharePod%20v3.9.9...&utmhid=571022591&utmr=-&utmp=%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&utmht=1515187002827&utmac=UA-2099875-1&utmcc=__utma%3D101350609.69328032.1515187003.1515187003.1515187003.1%3B%2B__utmz%3D101350609.1515187003.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2101951932&utmredir=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1218161212&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloading%20SharePod%20v3.9.9...&utmhid=571022591&utmr=-&utmp=%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&utmht=1515187002827&utmac=UA-2099875-1&utmcc=__utma%3D101350609.69328032.1515187003.1515187003.1515187003.1%3B%2B__utmz%3D101350609.1515187003.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2101951932&utmredir=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~
Request Chain 35
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=2&utmn=1095736932&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloading%20SharePod%20v3.9.9...&utmhid=571022591&utmr=-&utmp=%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&utmht=1515187002832&utmac=UA-2099875-17&utmcc=__utma%3D101350609.69328032.1515187003.1515187003.1515187003.1%3B%2B__utmz%3D101350609.1515187003.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1532040676&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAQAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=2&utmn=1095736932&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloading%20SharePod%20v3.9.9...&utmhid=571022591&utmr=-&utmp=%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&utmht=1515187002832&utmac=UA-2099875-17&utmcc=__utma%3D101350609.69328032.1515187003.1515187003.1515187003.1%3B%2B__utmz%3D101350609.1515187003.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1532040676&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAQAAAAAAE~
Request Chain 37
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 40
  • http://purch-sync.go.sonobi.com/us?http://ads.servebom.com/partner?cb=3901&svc=us&id=9&uid=[UID] HTTP 302
  • http://ads.servebom.com/partner?cb=3901&svc=us&id=9&uid=ba46f559-f25d-11e7-a228-0219060f95f2
Request Chain 45
  • http://x.bidswitch.net/sync?ssp=sonobi HTTP 302
  • http://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
  • http://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi HTTP 302
  • http://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDd5sQf_s1rrt0ZMaVFHEMI&google_cver=1&ssp=sonobi HTTP 302
  • http://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=abf65cc2-ed8f-4b2c-b43e-278fec957339
Request Chain 46
  • http://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D HTTP 302
  • http://sync.go.sonobi.com/us.gif?nw=openx&nuid=f0d78544-aeff-02a7-1536-9d3d35656380
Request Chain 47
  • http://mid.rkdms.com/bct?pid=045300ee-b79a-459e-a4a2-ead2b2a7badb&_ct=img&puid=ba46f559-f25d-11e7-a228-0219060f95f2 HTTP 302
  • http://match.adsrvr.org/track/cmf/generic?ttd_pid=4h3yn1f&ttd_tpi=1 HTTP 302
  • http://match.adsrvr.org/track/cmb/generic?ttd_pid=4h3yn1f&ttd_tpi=1 HTTP 302
  • http://mid.rkdms.com/bct?pid=02760a75-50e3-4c64-b77b-fb5fcd04e437&_ct=img&puid=533d1258-300f-490a-a369-7d724cfefe1d
Request Chain 48
  • http://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1 HTTP 302
  • http://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1 HTTP 302
  • http://sync.go.sonobi.com/us.gif?nw=td&nuid=a4d7c801-5ff3-4028-af7a-b3e7303c788a
Request Chain 49
  • http://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID HTTP 302
  • http://sync.go.sonobi.com/us.gif?nw=tl&nuid=9736910552923801883
Request Chain 50
  • http://trc.taboola.com/sg/sonobi-ssp-network/1/rtb-h?taboola_hm=1 HTTP 302
  • http://match.taboola.com/sg/sonobi-ssp-network/1/rtb-h?taboola_hm=1&tbid=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba HTTP 302
  • http://match.basebanner.com/match?tabid=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba&extuid=1&excid=42&cijs=0 HTTP 302
  • http://sync.go.sonobi.com/us.gif?nw=tb&nuid=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba
Request Chain 52
  • http://bh.contextweb.com/bh/rtset?do=add&pid=561191&ev=ba46f559-f25d-11e7-a228-0219060f95f2&daaqp=1&rurl=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • http://sync.go.sonobi.com/us.gif?nw=pp&nuid=Eh2Ce8NuqE14
Request Chain 53
  • http://dpm.demdex.net/ibs:dpid=87880&dpuuid=ba46f559-f25d-11e7-a228-0219060f95f2 HTTP 302
  • http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ba46f559-f25d-11e7-a228-0219060f95f2
Request Chain 54
  • http://sync.rhythmxchange.com/usersync2/sonobi HTTP 302
  • http://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=OPTOUT
Request Chain 55
  • http://ap.lijit.com/pixel?redir=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dsv%26nuid%3D%24UID HTTP 307
  • http://sync.go.sonobi.com/us.gif?nw=sv&nuid=e9767c2c4a2d50be4c002ec8
Request Chain 56
  • http://ib.adnxs.com/getuid?http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2238143575827756157
Request Chain 57
  • http://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • http://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=327c5a4f-e838-4b00-ad84-cc820170331f
Request Chain 67
  • http://pixel-us-east.rubiconproject.com/exchange/sync.php?p=11868 HTTP 307
  • http://ads.servebom.com/partner?svc=us&id=19&uid=JC2F7YGV-1V-DINT

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sharepod
www.afterdawn.com/software/general/download_splash.cfm/
40 KB
0
Document
General
Full URL
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
81.171.25.243 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
varnish.n.afterdawn.net
Software
/
Resource Hash
96979e6c06d04937abfb713eca3515ce0550a4ec28ca6dc7aaa634f89f3c8396

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.afterdawn.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-aD-Frontend
varnish-eu
Date
Fri, 05 Jan 2018 21:16:41 GMT
Via
varnish-eu.afterdawn.net 1.1 varnish (Varnish/5.1)
X-aD-Backend-Server
web2
X-Cacheable
YES
Age
0
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/html;charset=windows-1252
X-Varnish
4532484
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
X-aD-Backend-Time
D=469988
Content-Length
14374
g=dlcss&1514317242
cdn.afterdawn.fi/min/
143 KB
0
Stylesheet
General
Full URL
https://cdn.afterdawn.fi/min/g=dlcss&1514317242
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo / PHP/5.4.16
Resource Hash
2e4dbbba024782d7ca41fb2cdbd99c86434f98e2fef974e8c07b9f23e2c3e5d8

Request headers

:path
/min/g=dlcss&1514317242
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
cdn.afterdawn.fi
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 21:16:42 GMT
content-encoding
gzip
etag
W/"pub1514317242"
last-modified
Tue, 26 Dec 2017 19:40:42 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=ISO-8859-1
status
200
cache-control
max-age=31536000, public
x-edge-ip
195.181.174.1
x-age
810588
expires
Thu, 27 Dec 2018 12:06:54 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
0
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ajax.googleapis.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 11 Dec 2017 01:56:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
2229606
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
24715
X-XSS-Protection
1; mode=block
Expires
Tue, 11 Dec 2018 01:56:36 GMT
Cookie set tmnhead.js
ads.servebom.com/
66 KB
0
Script
General
Full URL
http://ads.servebom.com/tmnhead.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
34.249.51.231 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-51-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fefd649f02a86c02433ae99df5e829cc428e9ef8a0b7dadbe59cc972bd9d6f1c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ads.servebom.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Encoding
gzip
Set-Cookie
u=CCFEC5C00F434B7CB1E1298A2A81F84B; Expires=Sat, 05 Jan 2019 21:16:42 GMT; Path=/; Domain=ads.servebom.com ud=20180105211642+0000; Expires=Sat, 05 Jan 2019 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.5076="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.7035="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.5393="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.4080="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.5403="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.4973="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.5622="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.5402="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.5401="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.5367="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.4100="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.7034="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.5801="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.4514="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com a.5404="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:42 GMT; Path=/; Domain=ads.servebom.com ramp_session=5590A638E55E40C7A3F2EF4B79D52DF7; Expires=Fri, 05 Jan 2018 22:16:42 GMT; Path=/; Domain=ads.servebom.com
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Length
16641
Connection
keep-alive
Content-Type
application/x-javascript
cookieconsent.min.js
stuff.afterdawn.com/cookieconsent/build/
0
0
Script
General
Full URL
http://stuff.afterdawn.com/cookieconsent/build/cookieconsent.min.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
81.171.25.242 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
web3.n.afterdawn.net
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
stuff.afterdawn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
238
Content-Type
text/html; charset=iso-8859-1
dl.min.js
js.deliverybundlessign.com/
2 KB
0
Script
General
Full URL
http://js.deliverybundlessign.com/dl.min.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
54.192.131.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-131-56.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e9b1e419ce53f556d21d94b8e3deb4cc772040d5b871a3fe1412f1d42fc0b49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
js.deliverybundlessign.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 30 Nov 2017 06:57:52 GMT
Via
1.1 61bf8531cf60ef2662d2566a3b4f1d1a.cloudfront.net (CloudFront)
Last-Modified
Thu, 10 Aug 2017 07:40:39 GMT
Server
AmazonS3
Age
46306
ETag
"61cc842cd45a9714f8cf3596b9ae82d0"
X-Cache
Hit from cloudfront
x-amz-version-id
3kg27hHZEF.jyft4m.8HfrJ2gYVRK1XF
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
1621
X-Amz-Cf-Id
haqfKiAy4h3ZKnTeRYxLCj7vM_3PmPPRZXTNc5drsEowNawEBiKQ-w==
logoSOF.gif
cdn.afterdawn.fi/v4/topBar/
5 KB
0
Image
General
Full URL
https://cdn.afterdawn.fi/v4/topBar/logoSOF.gif
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
413e24db425417fa28a81af600ef7cdd50df8ba038b0991b8cfc66b8b891242b

Request headers

:path
/v4/topBar/logoSOF.gif
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.afterdawn.fi
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 21:16:42 GMT
last-modified
Sat, 04 Jul 2009 09:45:43 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
"44992327"
x-cache
HIT
content-type
image/gif
status
200
cache-control
max-age=31104000
x-edge-ip
195.181.174.1
x-age
14945396
accept-ranges
bytes
content-length
5313
expires
Wed, 11 Jul 2018 21:46:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
67 KB
0
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2765f19e4006f59fde185d5a51950cb3c832fa2adada3efea6aedf06ad3165f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pagead2.googlesyndication.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Fri, 05 Jan 2018 21:16:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
18179667256418508035
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
25526
X-XSS-Protection
1; mode=block
Expires
Fri, 05 Jan 2018 21:16:42 GMT
rating_5_0.gif
cdn.afterdawn.fi/v4/download/
936 B
0
Image
General
Full URL
https://cdn.afterdawn.fi/v4/download/rating_5_0.gif
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5ef8759851ebb2b7c39b9448480a867a26f1c0c6dcbb6211424055cf725f6ec3

Request headers

:path
/v4/download/rating_5_0.gif
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.afterdawn.fi
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 21:16:42 GMT
last-modified
Wed, 10 Dec 2008 12:25:52 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
"2162252646"
x-cache
HIT
content-type
image/gif
status
200
cache-control
max-age=31104000
x-edge-ip
195.181.174.1
x-age
14945394
accept-ranges
bytes
content-length
936
expires
Wed, 11 Jul 2018 21:46:48 GMT
logoDAWNv4.gif
cdn.afterdawn.fi/v4/topBar/
7 KB
0
Image
General
Full URL
https://cdn.afterdawn.fi/v4/topBar/logoDAWNv4.gif
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5a8ad40f18c6232e83734bc1089b95ccaf5f53ba136972555dae3d339b319d69

Request headers

:path
/v4/topBar/logoDAWNv4.gif
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.afterdawn.fi
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 21:16:42 GMT
last-modified
Mon, 25 Aug 2008 10:25:58 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
"3818602433"
x-cache
HIT
content-type
image/gif
status
200
cache-control
max-age=31104000
x-edge-ip
195.181.174.1
x-age
14945396
accept-ranges
bytes
content-length
7037
expires
Wed, 11 Jul 2018 21:46:46 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.4/
190 KB
0
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.4/jquery-ui.min.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6a700bb2a9bebc84a5ec198bfade1559fa6ce736ccdc015f463fa90468592cd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ajax.googleapis.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 07 Dec 2017 00:28:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
2580478
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
50116
X-XSS-Protection
1; mode=block
Expires
Fri, 07 Dec 2018 00:28:44 GMT
g=adengswjs&1514495197
cdn.afterdawn.fi/min/
52 KB
0
Script
General
Full URL
https://cdn.afterdawn.fi/min/g=adengswjs&1514495197
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo / PHP/5.4.16
Resource Hash
c33288db3c8e2991eb26c0f57b406d821613775ab80fd7e21f9fda9f960151e2

Request headers

:path
/min/g=adengswjs&1514495197
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.afterdawn.fi
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 21:16:42 GMT
content-encoding
gzip
etag
W/"pub1514495197"
last-modified
Thu, 28 Dec 2017 21:06:37 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript; charset=ISO-8859-1
status
200
cache-control
max-age=31536000, public
x-edge-ip
195.181.174.1
x-age
637866
expires
Sat, 29 Dec 2018 12:05:36 GMT
quant.js
edge.quantserve.com/
12 KB
0
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
2.21.246.10 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
0356044214bfbedb4744e88e7b07a853ac4fa09bb7381832e48886d6d4b7096e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
edge.quantserve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 May 2017 20:26:55 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5458
Expires
Sat, 06 Jan 2018 21:16:42 GMT
amzn_ads.js
c.amazon-adsystem.com/aax2/
12 KB
0
Script
General
Full URL
http://c.amazon-adsystem.com/aax2/amzn_ads.js
Requested by
Host: ads.servebom.com
URL: http://ads.servebom.com/tmnhead.js
Protocol
HTTP/1.1
Server
54.240.184.219 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-240-184-219.ams50.r.cloudfront.net
Software
Server /
Resource Hash
7c7e696a1f779d7e66369e32c336da071da0e79e141b10c840b8e8d03ff21f1a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
c.amazon-adsystem.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 24 Dec 2017 20:12:09 GMT
Content-Encoding
gzip
Server
Server
Age
3853
ETag
5518f51747dc1fe2705a2d2421871817
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 4eaf05435d5efcf9fee357dc50386904.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4001
X-Amz-Cf-Id
Qff3UHEHsI7FXhuUuK2TFzbHiSoTYzzO3HxgUwdRs6NHDNaScscI0g==
gpt.js
www.googletagservices.com/tag/js/
13 KB
0
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.servebom.com
URL: http://ads.servebom.com/tmnhead.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a46267bc2b4c50a76bd11e8cbae1c31d16826a6fe3db3016cc91d8436ab709e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.googletagservices.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1515172093230688"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
5801
X-XSS-Protection
1; mode=block
Expires
Fri, 05 Jan 2018 21:16:42 GMT
cookieconsent.min.js
stuff.afterdawn.com/cookieconsent/build/
0
0
Script
General
Full URL
http://stuff.afterdawn.com/cookieconsent/build/cookieconsent.min.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
81.171.25.242 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
web3.n.afterdawn.net
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
stuff.afterdawn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
238
Content-Type
text/html; charset=iso-8859-1
bid
aax.amazon-adsystem.com/e/dtb/
33 B
0
Script
General
Full URL
http://aax.amazon-adsystem.com/e/dtb/bid?src=3150&u=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&cb=4869894&t=200
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol
HTTP/1.1
Server
52.94.218.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
5e4b3bc24864623f5dad7ef3653aa6a19f5fbfe32d5577b3583da90c107c082e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
aax.amazon-adsystem.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Server
Connection
Keep-Alive
Keep-Alive
timeout=2, max=7
Content-Length
33
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
beacon.js
b.scorecardresearch.com/
1 KB
0
Script
General
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
2.21.246.91 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
b.scorecardresearch.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=1209600
Connection
keep-alive
Content-Length
901
Expires
Fri, 19 Jan 2018 21:16:42 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
0
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7c2c58fc24e2d3458b88680cfad4577011697df9a1406808f2f7d8f46060d8a7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/ga.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
5518
date
Fri, 05 Jan 2018 19:44:44 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
17172
expires
Fri, 05 Jan 2018 21:44:44 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
bk_glow.png
cdn2.afterdawn.fi/v4/bk/
318 B
0
Image
General
Full URL
http://cdn2.afterdawn.fi/v4/bk/bk_glow.png
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a843b9c5d51c9525475b62a37742bc2b2e812a6a23699b47cc0c4035606ed514

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
cdn2.afterdawn.fi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Last-Modified
Thu, 25 Mar 2010 11:56:21 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"4291162865"
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31104000
X-Edge-IP
195.181.174.1
Connection
keep-alive
Accept-Ranges
bytes
X-Age
14945418
Content-Length
318
Expires
Wed, 11 Jul 2018 21:46:24 GMT
aftersprites.120213.png
cdn1.afterdawn.fi/v4/
39 KB
0
Image
General
Full URL
http://cdn1.afterdawn.fi/v4/aftersprites.120213.png
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d694fd870b2b8a510f089f600942ea4afef7c42bc23135d6a7de59f516ab0b33

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
cdn1.afterdawn.fi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Last-Modified
Mon, 13 Feb 2012 12:24:53 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"2580657782"
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31104000
X-Edge-IP
195.181.174.1
Connection
keep-alive
Accept-Ranges
bytes
X-Age
14945396
Content-Length
40178
Expires
Wed, 11 Jul 2018 21:46:46 GMT
bg_search.gif
cdn1.afterdawn.fi/v4/topBar/
149 B
0
Image
General
Full URL
http://cdn1.afterdawn.fi/v4/topBar/bg_search.gif
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d4eaba3489683c6d35d078e2e789737c085472b9580a5b55b4860685e9ebf981

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
cdn1.afterdawn.fi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Last-Modified
Fri, 13 Mar 2009 07:57:01 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"1271807902"
X-Cache
HIT
Content-Type
image/gif
Cache-Control
max-age=31104000
X-Edge-IP
195.181.174.1
Connection
keep-alive
Accept-Ranges
bytes
X-Age
14945396
Content-Length
149
Expires
Wed, 11 Jul 2018 21:46:46 GMT
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00d8574968fd87dad2bb6bf17a05308015236a1f9b5465460d9f48d0bedd9aff

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
76 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0adfdc4b799a5617ede4468dcee82145e68cfb0441070ccbd4fb340e0e29b3f5

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
bggrad.png
cdn0.afterdawn.fi/v4/topBar/
1 KB
0
Image
General
Full URL
http://cdn0.afterdawn.fi/v4/topBar/bggrad.png
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c6e76ef1344c1464e59530e4d00bd69dca06e6ac417282fcdbfe65551ca80f28

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
cdn0.afterdawn.fi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Last-Modified
Mon, 10 Sep 2012 12:21:31 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"1755710695"
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31104000
X-Edge-IP
195.181.174.1
Connection
keep-alive
Accept-Ranges
bytes
X-Age
14945396
Content-Length
1133
Expires
Wed, 11 Jul 2018 21:46:46 GMT
bg_dropShadow_dl1d.gif
cdn3.afterdawn.fi/v4/topBar/
192 B
0
Image
General
Full URL
http://cdn3.afterdawn.fi/v4/topBar/bg_dropShadow_dl1d.gif
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5add489a25395c3ce162a037b00c89529b40490f4c89674c1d345c09e5c87376

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
cdn3.afterdawn.fi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Last-Modified
Wed, 08 Oct 2008 13:55:19 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"3288384511"
X-Cache
HIT
Content-Type
image/gif
Cache-Control
max-age=31104000
X-Edge-IP
195.181.174.1
Connection
keep-alive
Accept-Ranges
bytes
X-Age
14945449
Content-Length
192
Expires
Wed, 11 Jul 2018 21:45:53 GMT
bg_dropShadow_dl2f.gif
cdn1.afterdawn.fi/v4/topBar/
555 B
0
Image
General
Full URL
http://cdn1.afterdawn.fi/v4/topBar/bg_dropShadow_dl2f.gif
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
ac31e65f64bf0f367c231d0da2ae8da3de5a04f3ff2387dbd70221719939941a

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
cdn1.afterdawn.fi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Last-Modified
Wed, 25 Mar 2009 12:03:37 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"494071792"
X-Cache
HIT
Content-Type
image/gif
Cache-Control
max-age=31104000
X-Edge-IP
195.181.174.1
Connection
keep-alive
Accept-Ranges
bytes
X-Age
6747846
Content-Length
555
Expires
Sun, 14 Oct 2018 18:52:35 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2939efb1a63092990f4de37d5f945eaef9a3ea061420dbdb6aa004a3884662d

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
bk_3_c_red.gif
cdn2.afterdawn.fi/v4/bk/
159 B
0
Image
General
Full URL
http://cdn2.afterdawn.fi/v4/bk/bk_3_c_red.gif
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
3a354e0441c135d886a89e51fdafea199d6d6b4dc4669e7d817f610014a27094

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
cdn2.afterdawn.fi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Last-Modified
Fri, 26 Mar 2010 09:17:45 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"3217182513"
X-Cache
HIT
Content-Type
image/gif
Cache-Control
max-age=31104000
X-Edge-IP
195.181.174.1
Connection
keep-alive
Accept-Ranges
bytes
X-Age
14945396
Content-Length
159
Expires
Wed, 11 Jul 2018 21:46:46 GMT
integrator.js
adservice.google.de/adsid/
108 B
0
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.afterdawn.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/adsid/integrator.js?domain=www.afterdawn.com
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
adservice.google.de
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Jan 2018 21:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
108 B
0
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.afterdawn.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/adsid/integrator.js?domain=www.afterdawn.com
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
adservice.google.com
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Jan 2018 21:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
download_button_full.gif
cdn1.afterdawn.fi/v4/download/
3 KB
0
Image
General
Full URL
http://cdn1.afterdawn.fi/v4/download/download_button_full.gif
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e247fc0445afcc487cf76418f4066a44970eec59afdef991758ee9d228f460eb

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
cdn1.afterdawn.fi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Last-Modified
Thu, 26 Mar 2009 08:52:44 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"559222458"
X-Cache
HIT
Content-Type
image/gif
Cache-Control
max-age=31104000
X-Edge-IP
195.181.174.1
Connection
keep-alive
Accept-Ranges
bytes
X-Age
14945394
Content-Length
3018
Expires
Wed, 11 Jul 2018 21:46:48 GMT
ca-pub-5626074131133514.js
pagead2.googlesyndication.com/pub-config/r20160913/
133 B
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-5626074131133514.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pub-config/r20160913/ca-pub-5626074131133514.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 10:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2018 03:31:14 GMT
server
sffe
age
38865
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
125
x-xss-protection
1; mode=block
expires
Fri, 05 Jan 2018 22:28:57 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180102/r20170110/ Frame (CB3
179 KB
0
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180102/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
3862325a0930447233fd0b1aacb3d9be10a028120508aeb400c68d5a8a4cf9e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pagead2.googlesyndication.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Fri, 05 Jan 2018 21:16:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14786858300554655842
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
67973
X-XSS-Protection
1; mode=block
Expires
Fri, 05 Jan 2018 21:16:42 GMT
b2
b.scorecardresearch.com/
Redirect Chain
  • http://b.scorecardresearch.com/b?c1=2&c2=7517132&ns__t=1515187002806&ns_c=windows-1252&cv=3.1&c8=Downloading%20SharePod%20v3.9.9...&c7=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload...
  • http://b.scorecardresearch.com/b2?c1=2&c2=7517132&ns__t=1515187002806&ns_c=windows-1252&cv=3.1&c8=Downloading%20SharePod%20v3.9.9...&c7=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownloa...
0
0
Image
General
Full URL
http://b.scorecardresearch.com/b2?c1=2&c2=7517132&ns__t=1515187002806&ns_c=windows-1252&cv=3.1&c8=Downloading%20SharePod%20v3.9.9...&c7=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&c9=
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
2.21.246.91 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
b.scorecardresearch.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
UID=1DB2aa21a24687a1a343e901515187002; UIDR=1515187002
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Location
http://b.scorecardresearch.com/b2?c1=2&c2=7517132&ns__t=1515187002806&ns_c=windows-1252&cv=3.1&c8=Downloading%20SharePod%20v3.9.9...&c7=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&c9=
Set-Cookie
UID=1DB2aa21a24687a1a343e901515187002; expires=Thu, 26-Dec-2019 21:16:42 GMT; path=/; domain=.scorecardresearch.com UIDR=1515187002; expires=Thu, 26-Dec-2019 21:16:42 GMT; path=/; domain=.scorecardresearch.com
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1218161212&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1218161212&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=2...
35 B
0
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1218161212&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloading%20SharePod%20v3.9.9...&utmhid=571022591&utmr=-&utmp=%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&utmht=1515187002827&utmac=UA-2099875-1&utmcc=__utma%3D101350609.69328032.1515187003.1515187003.1515187003.1%3B%2B__utmz%3D101350609.1515187003.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2101951932&utmredir=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1218161212&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloading%20SharePod%20v3.9.9...&utmhid=571022591&utmr=-&utmp=%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&utmht=1515187002827&utmac=UA-2099875-1&utmcc=__utma%3D101350609.69328032.1515187003.1515187003.1515187003.1%3B%2B__utmz%3D101350609.1515187003.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2101951932&utmredir=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2018 21:16:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1218161212&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloading%20SharePod%20v3.9.9...&utmhid=571022591&utmr=-&utmp=%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&utmht=1515187002827&utmac=UA-2099875-1&utmcc=__utma%3D101350609.69328032.1515187003.1515187003.1515187003.1%3B%2B__utmz%3D101350609.1515187003.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2101951932&utmredir=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=2&utmn=1095736932&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=2&utmn=1095736932&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=2...
35 B
0
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=2&utmn=1095736932&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloading%20SharePod%20v3.9.9...&utmhid=571022591&utmr=-&utmp=%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&utmht=1515187002832&utmac=UA-2099875-17&utmcc=__utma%3D101350609.69328032.1515187003.1515187003.1515187003.1%3B%2B__utmz%3D101350609.1515187003.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1532040676&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAQAAAAAAE~
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/r/__utm.gif?utmwv=5.7.1&utms=2&utmn=1095736932&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloading%20SharePod%20v3.9.9...&utmhid=571022591&utmr=-&utmp=%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&utmht=1515187002832&utmac=UA-2099875-17&utmcc=__utma%3D101350609.69328032.1515187003.1515187003.1515187003.1%3B%2B__utmz%3D101350609.1515187003.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1532040676&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAQAAAAAAE~
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2018 21:16:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=2&utmn=1095736932&utmhn=www.afterdawn.com&utme=8(User%20Type)9(Visitor)11(2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downloading%20SharePod%20v3.9.9...&utmhid=571022591&utmr=-&utmp=%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&utmht=1515187002832&utmac=UA-2099875-17&utmcc=__utma%3D101350609.69328032.1515187003.1515187003.1515187003.1%3B%2B__utmz%3D101350609.1515187003.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1532040676&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAQAAAAAAE~
Non-Authoritative-Reason
HSTS
rules-p-11i4zqNdAFVL6.js
rules.quantcount.com/
3 B
0
Script
General
Full URL
http://rules.quantcount.com/rules-p-11i4zqNdAFVL6.js
Requested by
Host: edge.quantserve.com
URL: http://edge.quantserve.com/quant.js
Protocol
HTTP/1.1
Server
2600:9000:2002:5200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rules.quantcount.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 05 Mar 2017 19:11:00 GMT
Via
1.1 a459bf9dec7bba4e0a329e8ab2ebd928.cloudfront.net (CloudFront)
Last-Modified
Sat, 04 Mar 2017 19:42:14 GMT
Server
AmazonS3
Age
53248
ETag
"8a80554c91d9fca8acb82f023de02f11"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3
X-Amz-Cf-Id
hPvWirERcPhFVzp7OyWIHnmueA1pj2pUeR4VQNVwjWWzJMTkkB2fig==
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
209 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b5c0221dba550b6aeb6b03c1e417c256ae40cb8667d6b5defac484fa22f7a7e0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/en_US/sdk.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
oaDq9DGQlQEPXa0KXi41eg==
status
200
content-length
65872
x-xss-protection
0
x-fb-debug
ldjcnsUry8D1bim6cVvK7cbSNGaiVl/yZ8GyxSVYZOKgUZa+CF/2A08QGS7e3eZw/B0x4Vq283Wnyv6a9ZpFTQ==
x-fb-content-md5
92f882dd92297a5cfc3dcf8eb66de530
x-frame-options
DENY
date
Fri, 05 Jan 2018 21:16:42 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e1f18bf3e605eb3537dca5a301c79088"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin
*
expires
Fri, 05 Jan 2018 21:20:45 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js
Non-Authoritative-Reason
HSTS
plusone.js
apis.google.com/js/
43 KB
0
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1fbe24b21193812798bf4ff10c185dc6dc16534f381f5a3aeae66f0d9fabdaad
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20171217.18_p0
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/plusone.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
apis.google.com
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20171217.18_p0
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
date
Fri, 05 Jan 2018 21:16:42 GMT
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"812c348f2c162f22b7c846c831cb648d"
set-cookie
NID=121=LFQNrlp3Z2cZHQ3XwbpOK3KtlXAZPVGI53BaIVjYpMq-xMCtOpQMUjD4fdG-gyD6mKGGIwsHz7fZd5wTLm6DwgCyMITWddQsCg0hSuo3hCCBxoRcdanE5h5nL6kSJ9Vt;Domain=.google.com;Path=/;Expires=Sat, 07-Jul-2018 21:16:42 GMT;HttpOnly
timing-allow-origin
*
expires
Fri, 05 Jan 2018 21:16:42 GMT
Cookie set uc.js
sync.go.sonobi.com/
2 KB
0
Script
General
Full URL
http://sync.go.sonobi.com/uc.js
Requested by
Host: ads.servebom.com
URL: http://ads.servebom.com/tmnhead.js
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
e8802d2af0ac8a4c64ba7f608b99ca0dfdb9b0a97854c8156d9c867de767ba2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Content-Encoding
gzip
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
__uqc=1; expires=Fri, 05 Jan 2018 23:16:42 GMT; domain=.go.sonobi.com __uis=ba46f559-f25d-11e7-a228-0219060f95f2; expires=Sat, 06 Jan 2018 09:16:42 GMT; domain=.go.sonobi.com AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25;PATH=/;MAX-AGE=600
Cache-Control
no-cache, no-store, private no-cache="set-cookie"
Tcn
Choice
Connection
keep-alive
Content-Type
text/javascript
Content-Length
961
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cookie set partner
ads.servebom.com/
Redirect Chain
  • http://purch-sync.go.sonobi.com/us?http://ads.servebom.com/partner?cb=3901&svc=us&id=9&uid=[UID]
  • http://ads.servebom.com/partner?cb=3901&svc=us&id=9&uid=ba46f559-f25d-11e7-a228-0219060f95f2
43 B
0
Image
General
Full URL
http://ads.servebom.com/partner?cb=3901&svc=us&id=9&uid=ba46f559-f25d-11e7-a228-0219060f95f2
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
34.249.51.231 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-51-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ads.servebom.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
u=CCFEC5C00F434B7CB1E1298A2A81F84B; ud=20180105211642+0000; a.5076="1:1515187002481:86400"; a.7035="1:1515187002481:86400"; a.5393="1:1515187002481:86400"; a.4080="1:1515187002481:86400"; a.5403="1:1515187002481:86400"; a.4973="1:1515187002481:86400"; a.5622="1:1515187002481:86400"; a.5402="1:1515187002481:86400"; a.5401="1:1515187002481:86400"; a.5367="1:1515187002481:86400"; a.4100="1:1515187002481:86400"; a.7034="1:1515187002481:86400"; a.5801="1:1515187002481:86400"; a.4514="1:1515187002481:86400"; a.5404="1:1515187002481:86400"; ramp_session=5590A638E55E40C7A3F2EF4B79D52DF7; up_23=2238143575827756157; up_25=2238143575827756157; up_26=2238143575827756157; up_29=2238143575827756157; up_33=2238143575827756157; up_14=9736910552923801883; up_17=Eh2Ce8NuqE14; up_2=Wk-rOrlQJrkAACpK6s8AAADc&1148
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Encoding
gzip
Set-Cookie
up_9=ba46f559-f25d-11e7-a228-0219060f95f2; Expires=Sun, 04 Feb 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Length
57
Connection
keep-alive
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
http://ads.servebom.com/partner?cb=3901&svc=us&id=9&uid=ba46f559-f25d-11e7-a228-0219060f95f2
Set-Cookie
__uis=ba46f559-f25d-11e7-a228-0219060f95f2; expires=Sat, 06 Jan 2018 09:16:42 GMT; domain=.go.sonobi.com AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25;PATH=/;MAX-AGE=600
Cache-Control
no-cache, no-store, private no-cache="set-cookie"
Tcn
Choice
Connection
keep-alive
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pubads_impl_170.js
securepubads.g.doubleclick.net/gpt/
201 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
sffe /
Resource Hash
cb0b5796c28242e8bfb982df2a6098ddf52e040cea29b6fdd379a65ad00071ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gpt/pubads_impl_170.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 21:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Dec 2017 19:12:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
71570
x-xss-protection
1; mode=block
expires
Fri, 05 Jan 2018 21:16:42 GMT
Cookie set tmntag.js
ads.servebom.com/
10 KB
0
Script
General
Full URL
http://ads.servebom.com/tmntag.js?v=1.2&r=2971&o={%22f%22:%22%22,%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22g%22:{%22stype%22:%22download%22},%22l%22:%22http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod%22,%22tt%22:%22Downloading%20SharePod%20v3.9.9...%22,%22fs%22:1,%22a%22:[{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22z%22:[[728,90],[970,66],[970,90],[970,250]],%22d%22:%22div-gpt-ad-tmn-top-leaderboard%22,%22g%22:{}},{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22z%22:[[300,250]],%22d%22:%22div-gpt-ad-tmn-atf-rectangle%22,%22g%22:{}},{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22z%22:[[120,600],[160,600]],%22d%22:%22div-gpt-ad-tmn-atf-skyscraper%22,%22g%22:{}},{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22z%22:[[728,91],[970,67],[970,91],[970,251]],%22d%22:%22div-gpt-ad-tmn-btf-leaderboard%22,%22g%22:{}},{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22z%22:[[300,251]],%22d%22:%22div-gpt-ad-tmn-btf-rectangle-2%22,%22g%22:{}},{%22s%22:%22/1013040/AfterDawn%22,%22z%22:[238,1],%22d%22:%22div-gpt-ad-tmn-textlink%22,%22g%22:{}},{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22d%22:%22div-gpt-ad-oop%22,%22g%22:{}}],%22t%22:%222018-01-05%2021:16:42%22,%22ck%22:{},%22tz%22:0,%22r%22:%221600x1200%22,%22rf%22:%22%22}&at=bnj
Requested by
Host: ads.servebom.com
URL: http://ads.servebom.com/tmnhead.js
Protocol
HTTP/1.1
Server
34.249.51.231 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-51-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5a76e3569cde5d411757062c34c597c8239bb23804b5a5291baf45134354f2a1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ads.servebom.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
u=CCFEC5C00F434B7CB1E1298A2A81F84B; ud=20180105211642+0000; a.5076="1:1515187002481:86400"; a.7035="1:1515187002481:86400"; a.5393="1:1515187002481:86400"; a.4080="1:1515187002481:86400"; a.5403="1:1515187002481:86400"; a.4973="1:1515187002481:86400"; a.5622="1:1515187002481:86400"; a.5402="1:1515187002481:86400"; a.5401="1:1515187002481:86400"; a.5367="1:1515187002481:86400"; a.4100="1:1515187002481:86400"; a.7034="1:1515187002481:86400"; a.5801="1:1515187002481:86400"; a.4514="1:1515187002481:86400"; a.5404="1:1515187002481:86400"; ramp_session=5590A638E55E40C7A3F2EF4B79D52DF7
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Encoding
gzip
Set-Cookie
u=CCFEC5C00F434B7CB1E1298A2A81F84B; Expires=Sat, 05 Jan 2019 21:16:43 GMT; Path=/; Domain=ads.servebom.com ud=20180105211642+0000; Expires=Sat, 05 Jan 2019 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.5076="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.7035="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.5393="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.4080="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.4973="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.5403="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.4764="1:1515187002951:1209600"; Expires=Fri, 19 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.5402="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.5622="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.5401="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.5368="1:1515187002951:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.5367="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.4100="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.7034="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.5801="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.4514="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com a.5404="1:1515187002481:86400"; Expires=Sat, 06 Jan 2018 21:16:43 GMT; Path=/; Domain=ads.servebom.com cm_5978=1; Path=/; Domain=ads.servebom.com ramp_session=5590A638E55E40C7A3F2EF4B79D52DF7; Expires=Fri, 05 Jan 2018 22:16:43 GMT; Path=/; Domain=ads.servebom.com
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Length
2551
Connection
keep-alive
Content-Type
application/x-javascript
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.lyon4aDFbFk.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w/
130 KB
0
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.lyon4aDFbFk.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ea51bd07406335b7020cc59c28b8df1c93593200222b3136e4ef056e13c4fe4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_/scs/apps-static/_/js/k=oz.gapi.en_US.lyon4aDFbFk.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w/cb=gapi.loaded_0
pragma
no-cache
cookie
NID=121=LFQNrlp3Z2cZHQ3XwbpOK3KtlXAZPVGI53BaIVjYpMq-xMCtOpQMUjD4fdG-gyD6mKGGIwsHz7fZd5wTLm6DwgCyMITWddQsCg0hSuo3hCCBxoRcdanE5h5nL6kSJ9Vt
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
apis.google.com
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 18 Dec 2017 23:25:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Dec 2017 09:41:29 GMT
server
sffe
age
1547495
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
46577
x-xss-protection
1; mode=block
expires
Tue, 18 Dec 2018 23:25:07 GMT
Cookie set pixel;r=862926586;rf=0;a=p-11i4zqNdAFVL6;url=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod;fpan=1;fpa=P0-1846013749-1515187002931;ns=0;ce=1;cm=;ref=;je=0;sr=1...
pixel.quantserve.com/
35 B
0
Image
General
Full URL
http://pixel.quantserve.com/pixel;r=862926586;rf=0;a=p-11i4zqNdAFVL6;url=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod;fpan=1;fpa=P0-1846013749-1515187002931;ns=0;ce=1;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1515187002930;tzo=0;ogl=
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
95.172.94.55 , United Kingdom, ASN15570 (Internap European Autonomous System, GB),
Reverse DNS
pixel.quantserve.com
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pixel.quantserve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Set-Cookie
mc=5a4feb3a-eba8c-13a3e-766f6; expires=Tue, 05-Feb-2019 21:16:42 GMT; path=/; domain=.quantserve.com
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
close
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
Cookie set us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://x.bidswitch.net/sync?ssp=sonobi
  • http://x.bidswitch.net/ul_cb/sync?ssp=sonobi
  • http://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi
  • http://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDd5sQf_s1rrt0ZMaVFHEMI&google_cver=1&ssp=sonobi
  • http://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=abf65cc2-ed8f-4b2c-b43e-278fec957339
49 B
0
Image
General
Full URL
http://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=abf65cc2-ed8f-4b2c-b43e-278fec957339
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
__uqc=1; __uis=ba46f559-f25d-11e7-a228-0219060f95f2; AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25; __uin_tl=9736910552923801883; __uin_ox=f0d78544-aeff-02a7-1536-9d3d35656380; __uin_pp=Eh2Ce8NuqE14
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
__uin_bw=abf65cc2-ed8f-4b2c-b43e-278fec957339; expires=Mon, 15 Jan 2018 21:16:42 GMT; domain=.go.sonobi.com
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 05 Jan 2018 21:16:43 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=abf65cc2-ed8f-4b2c-b43e-278fec957339
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
Cookie set us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
  • http://sync.go.sonobi.com/us.gif?nw=openx&nuid=f0d78544-aeff-02a7-1536-9d3d35656380
49 B
0
Image
General
Full URL
http://sync.go.sonobi.com/us.gif?nw=openx&nuid=f0d78544-aeff-02a7-1536-9d3d35656380
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
__uqc=1; __uis=ba46f559-f25d-11e7-a228-0219060f95f2; AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
__uin_ox=f0d78544-aeff-02a7-1536-9d3d35656380; expires=Mon, 19 Feb 2018 21:16:42 GMT; domain=.go.sonobi.com
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
OXGW/11.174.1
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Location
http://sync.go.sonobi.com/us.gif?nw=openx&nuid=f0d78544-aeff-02a7-1536-9d3d35656380
Set-Cookie
i=8856061f-d6ac-0a5f-34d8-5cf373741138|1515187002; Version=1; Expires=Sat, 05-Jan-2019 21:16:42 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Content-Type
image/gif
Content-Length
0
Cookie set bct
mid.rkdms.com/
Redirect Chain
  • http://mid.rkdms.com/bct?pid=045300ee-b79a-459e-a4a2-ead2b2a7badb&_ct=img&puid=ba46f559-f25d-11e7-a228-0219060f95f2
  • http://match.adsrvr.org/track/cmf/generic?ttd_pid=4h3yn1f&ttd_tpi=1
  • http://match.adsrvr.org/track/cmb/generic?ttd_pid=4h3yn1f&ttd_tpi=1
  • http://mid.rkdms.com/bct?pid=02760a75-50e3-4c64-b77b-fb5fcd04e437&_ct=img&puid=533d1258-300f-490a-a369-7d724cfefe1d
43 B
0
Image
General
Full URL
http://mid.rkdms.com/bct?pid=02760a75-50e3-4c64-b77b-fb5fcd04e437&_ct=img&puid=533d1258-300f-490a-a369-7d724cfefe1d
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
34.233.214.145 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-233-214-145.compute-1.amazonaws.com
Software
nginx/1.10.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mid.rkdms.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
sessionid=h-73439e760ce0902a0b819263770791ef_t-1515187003; sc=4%3A61485
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:43 GMT
Server
nginx/1.10.1
Content-Type
image/gif
Set-Cookie
sessionid=h-73439e760ce0902a0b819263770791ef_t-1515187003; Domain=.rkdms.com; Expires=Sun, 29-Dec-2047 21:16:43 GMT; Path=/
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:27 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location
http://mid.rkdms.com/bct?pid=02760a75-50e3-4c64-b77b-fb5fcd04e437&_ct=img&puid=533d1258-300f-490a-a369-7d724cfefe1d
Set-Cookie
TDID=533d1258-300f-490a-a369-7d724cfefe1d; domain=.adsrvr.org; expires=Sat, 05-Jan-2019 21:16:27 GMT; path=/ TDCPM=CAEYBSABKAIyCwiSz6Omi6PqNRAFOAE.; domain=.adsrvr.org; expires=Sat, 05-Jan-2019 21:16:27 GMT; path=/
Cache-Control
private,no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Content-Length
261
Cookie set us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1
  • http://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1
  • http://sync.go.sonobi.com/us.gif?nw=td&nuid=a4d7c801-5ff3-4028-af7a-b3e7303c788a
49 B
0
Image
General
Full URL
http://sync.go.sonobi.com/us.gif?nw=td&nuid=a4d7c801-5ff3-4028-af7a-b3e7303c788a
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
__uqc=1; __uis=ba46f559-f25d-11e7-a228-0219060f95f2; AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25; __uin_tl=9736910552923801883; __uin_ox=f0d78544-aeff-02a7-1536-9d3d35656380; __uin_pp=Eh2Ce8NuqE14; __uin_tb=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba; __uin_an=2238143575827756157; __uin_bw=abf65cc2-ed8f-4b2c-b43e-278fec957339; __uin_mm=327c5a4f-e838-4b00-ad84-cc820170331f; __uin_sv=e9767c2c4a2d50be4c002ec8
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
__uin_td=a4d7c801-5ff3-4028-af7a-b3e7303c788a; expires=Mon, 19 Feb 2018 21:16:43 GMT; domain=.go.sonobi.com
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:43 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location
http://sync.go.sonobi.com/us.gif?nw=td&nuid=a4d7c801-5ff3-4028-af7a-b3e7303c788a
Set-Cookie
TDID=a4d7c801-5ff3-4028-af7a-b3e7303c788a; domain=.adsrvr.org; expires=Sat, 05-Jan-2019 21:16:44 GMT; path=/ TDCPM=CAEYBSABKAIyCwiY6NGki6PqNRAFOAE.; domain=.adsrvr.org; expires=Sat, 05-Jan-2019 21:16:44 GMT; path=/
Cache-Control
private,no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Content-Length
191
Cookie set us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
  • http://sync.go.sonobi.com/us.gif?nw=tl&nuid=9736910552923801883
49 B
0
Image
General
Full URL
http://sync.go.sonobi.com/us.gif?nw=tl&nuid=9736910552923801883
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
__uqc=1; __uis=ba46f559-f25d-11e7-a228-0219060f95f2; AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
__uin_tl=9736910552923801883; expires=Mon, 19 Feb 2018 21:16:42 GMT; domain=.go.sonobi.com
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
http://sync.go.sonobi.com/us.gif?nw=tl&nuid=9736910552923801883
date
Fri, 05 Jan 2018 21:16:42 GMT
cache-control
no-cache, no-store, must-revalidate
set-cookie
tluid=9736910552923801883; Max-Age=7776000; Expires=Thu, 05 Apr 2018 21:16:42 GMT; Path=/; Domain=.3lift.com
Content-Length
0
Connection
keep-alive
P3P
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Cookie set us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://trc.taboola.com/sg/sonobi-ssp-network/1/rtb-h?taboola_hm=1
  • http://match.taboola.com/sg/sonobi-ssp-network/1/rtb-h?taboola_hm=1&tbid=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba
  • http://match.basebanner.com/match?tabid=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba&extuid=1&excid=42&cijs=0
  • http://sync.go.sonobi.com/us.gif?nw=tb&nuid=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba
49 B
0
Image
General
Full URL
http://sync.go.sonobi.com/us.gif?nw=tb&nuid=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
__uqc=1; __uis=ba46f559-f25d-11e7-a228-0219060f95f2; AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25; __uin_tl=9736910552923801883; __uin_ox=f0d78544-aeff-02a7-1536-9d3d35656380
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
__uin_tb=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba; expires=Sun, 04 Feb 2018 21:16:42 GMT; domain=.go.sonobi.com
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 05 Jan 2018 21:16:43 GMT
Via
1.1 varnish
Server
nginx/1.9.12
X-Timer
S1515187003.078291,VS0,VE8
X-Served-By
cache-hhn1526-HHN
X-Cache
MISS
P3P
policyref="http://null/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
Location
http://sync.go.sonobi.com/us.gif?nw=tb&nuid=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba
Set-Cookie
cicouid=CM_c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba; Domain=basebanner.com; Expires=Sat, 05-Jan-2019 21:16:43 GMT; Path=/
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
Content-Length
0
X-Cache-Hits
0
Cookie set ad
ad.afy11.net/
45 B
0
Image
General
Full URL
http://ad.afy11.net/ad?mode=10&sspid=2585
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
74.117.199.102 San Bruno, United States, ASN2762 (ADIFY-1 - ADIFY CORPORATION, US),
Reverse DNS
Software
Microsoft-IIS/8.5 AdifyServer /
Resource Hash
f11f9e7a7b43ec2de3ea9137553669010def8299f808b5e4348db56f6b050982

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ad.afy11.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:42 GMT
Last-Modified
Sat, 1 Jan 2000 01:01:00 GMT
Server
Microsoft-IIS/8.5 AdifyServer
P3P
policyref="http://ad.afy11.net/privacy.xml", CP=" NOI DSP NID ADMa DEVa PSAa PSDa OUR OTRa IND COM NAV STA OTC"
Access-Control-Allow-Origin
*
Set-Cookie
a=jyOnwcOkikGx5iGaoqtbBA; path=/; expires=Sun, 05 Jan 2020 21:16:43 GMT; domain=afy11.net;
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Connection
close
Content-Type
image/gif
Content-Length
45
Expires
Sat, 1 Jan 2000 01:01:00 GMT
Cookie set us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://bh.contextweb.com/bh/rtset?do=add&pid=561191&ev=ba46f559-f25d-11e7-a228-0219060f95f2&daaqp=1&rurl=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • http://sync.go.sonobi.com/us.gif?nw=pp&nuid=Eh2Ce8NuqE14
49 B
0
Image
General
Full URL
http://sync.go.sonobi.com/us.gif?nw=pp&nuid=Eh2Ce8NuqE14
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
__uqc=1; __uis=ba46f559-f25d-11e7-a228-0219060f95f2; AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25; __uin_tl=9736910552923801883
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
__uin_pp=Eh2Ce8NuqE14; expires=Mon, 19 Feb 2018 21:16:42 GMT; domain=.go.sonobi.com
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 05 Jan 2018 21:16:43 GMT
Via
1.1 varnish
Transfer-Encoding
chunked
X-Cache
MISS
P3P
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits
0
Connection
keep-alive
X-Served-By
cache-hhn1527-HHN
Server
Jetty(9.4.6.v20170531)
Content-Language
en-US
Location
http://sync.go.sonobi.com/us.gif?nw=pp&nuid=Eh2Ce8NuqE14
Cache-Control
private, max-age=0, no-cache, no-store
Set-Cookie
V=Eh2Ce8NuqE14;Path=/;Domain=.contextweb.com;Expires=Mon, 31-Dec-2018 21:16:43 GMT;Max-Age=31104000 pb_rtb_ev=3-kds|7ec.0.1|7Va.0.ba46f559-f25d-11e7-a228-0219060f95f2;Path=/;Domain=.contextweb.com;Expires=Sat, 03-Feb-2018 21:16:43 GMT;Max-Age=2505600
Accept-Ranges
bytes
CW-Server
ams-bh00
Expires
-1
Cookie set demconf.jpg
dpm.demdex.net/
Redirect Chain
  • http://dpm.demdex.net/ibs:dpid=87880&dpuuid=ba46f559-f25d-11e7-a228-0219060f95f2
  • http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ba46f559-f25d-11e7-a228-0219060f95f2
42 B
0
Image
General
Full URL
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ba46f559-f25d-11e7-a228-0219060f95f2
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.48.166.254 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-166-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dpm.demdex.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
demdex=28956401456955589110277674084726079069
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

DCS
irl1-prod-dcs-05ee0df1f.edge-irl1.demdex.com 5.22.1.20171115171136 3ms
Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:43 GMT
X-TID
Fm3YWE8lQpY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Set-Cookie
demdex=28956401456955589110277674084726079069;Path=/;Domain=.demdex.net;Expires=Wed, 04-Jul-2018 21:16:43 GMT dpm=28956401456955589110277674084726079069;Path=/;Domain=.dpm.demdex.net;Expires=Wed, 04-Jul-2018 21:16:43 GMT
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:43 GMT
X-TID
Zze+0cXCRvQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=ba46f559-f25d-11e7-a228-0219060f95f2
Set-Cookie
demdex=28956401456955589110277674084726079069;Path=/;Domain=.demdex.net;Expires=Wed, 04-Jul-2018 21:16:43 GMT
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 2009 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://sync.rhythmxchange.com/usersync2/sonobi
  • http://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=OPTOUT
49 B
0
Image
General
Full URL
http://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=OPTOUT
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
__uqc=1; __uis=ba46f559-f25d-11e7-a228-0219060f95f2; AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25; __uin_tl=9736910552923801883; __uin_ox=f0d78544-aeff-02a7-1536-9d3d35656380; __uin_pp=Eh2Ce8NuqE14; __uin_tb=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba; __uin_an=2238143575827756157; __uin_bw=abf65cc2-ed8f-4b2c-b43e-278fec957339; __uin_mm=327c5a4f-e838-4b00-ad84-cc820170331f
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:43 GMT
Server
nginx
ETag
OPTOUT
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
http://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Set-Cookie
_rxuuid=%7B%22rx_uuid%22%3A%22OPTOUT%22%7D; path=/; expires=Sat, 05 Jan 2019 21:16:43 GMT; domain=.1rx.io; httponly
Content-Type
text/html
Expires
0
Cookie set us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://ap.lijit.com/pixel?redir=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dsv%26nuid%3D%24UID
  • http://sync.go.sonobi.com/us.gif?nw=sv&nuid=e9767c2c4a2d50be4c002ec8
49 B
0
Image
General
Full URL
http://sync.go.sonobi.com/us.gif?nw=sv&nuid=e9767c2c4a2d50be4c002ec8
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
__uqc=1; __uis=ba46f559-f25d-11e7-a228-0219060f95f2; AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25; __uin_tl=9736910552923801883; __uin_ox=f0d78544-aeff-02a7-1536-9d3d35656380; __uin_pp=Eh2Ce8NuqE14; __uin_tb=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba; __uin_an=2238143575827756157; __uin_bw=abf65cc2-ed8f-4b2c-b43e-278fec957339; __uin_mm=327c5a4f-e838-4b00-ad84-cc820170331f
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
__uin_sv=e9767c2c4a2d50be4c002ec8; expires=Mon, 19 Feb 2018 21:16:42 GMT; domain=.go.sonobi.com
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 05 Jan 2018 21:16:43 GMT
Server
nginx
Location
http://sync.go.sonobi.com/us.gif?nw=sv&nuid=e9767c2c4a2d50be4c002ec8
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
Cookie set us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://ib.adnxs.com/getuid?http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2238143575827756157
49 B
0
Image
General
Full URL
http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2238143575827756157
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
__uqc=1; __uis=ba46f559-f25d-11e7-a228-0219060f95f2; AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25; __uin_tl=9736910552923801883; __uin_ox=f0d78544-aeff-02a7-1536-9d3d35656380; __uin_pp=Eh2Ce8NuqE14
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
__uin_an=2238143575827756157; expires=Mon, 19 Feb 2018 21:16:42 GMT; domain=.go.sonobi.com
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:45 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 244.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.41:80
AN-X-Request-Uuid
0c0ae63d-481f-4b29-bb1a-df5e821ea337
Server
nginx/1.13.4
Connection
keep-alive
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
http://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2238143575827756157
Cache-Control
no-store, no-cache, private
Set-Cookie
sess=1; Path=/; Max-Age=86400; Expires=Sat, 06-Jan-2018 21:16:45 GMT; Domain=.adnxs.com; HttpOnly uuid2=2238143575827756157; Path=/; Max-Age=7776000; Expires=Thu, 05-Apr-2018 21:16:45 GMT; Domain=.adnxs.com; HttpOnly
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set us.gif
sync.go.sonobi.com/
Redirect Chain
  • http://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=http%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • http://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=327c5a4f-e838-4b00-ad84-cc820170331f
49 B
0
Image
General
Full URL
http://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=327c5a4f-e838-4b00-ad84-cc820170331f
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
52.17.204.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-204-197.eu-west-1.compute.amazonaws.com
Software
Sonobi GO /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sync.go.sonobi.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
__uqc=1; __uis=ba46f559-f25d-11e7-a228-0219060f95f2; AWSELB=63A1B9A51C389D0DB98848481EB5F53AA9C26A883F341DCD510AEE26A6E168513093596EDAE489C0DC7C347C25721CB0D1E7256F08AD446AB75DCC14774D6461987BE8EE25; __uin_tl=9736910552923801883; __uin_ox=f0d78544-aeff-02a7-1536-9d3d35656380; __uin_pp=Eh2Ce8NuqE14; __uin_tb=c7a6cde2-99b1-4403-b10a-c7b224bb3db2-tuct14970ba; __uin_an=2238143575827756157
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:42 GMT
Server
Sonobi GO
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-dub-1-6-4
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
__uin_mm=327c5a4f-e838-4b00-ad84-cc820170331f; expires=Mon, 19 Feb 2018 21:16:42 GMT; domain=.go.sonobi.com
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 05 Jan 2018 21:16:43 GMT
Server
MT3 1.15.20.1 33bcb65 release cdg-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
http://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=327c5a4f-e838-4b00-ad84-cc820170331f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 05 Jan 2018 21:16:42 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180102/r20170110/ Frame (CB3
83 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180102/r20170110/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180102/r20170110/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5d151f2dc88eb2a0674df4997d5748949d5e6d5e70a0ed72906de3000122b7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20180102/r20170110/osd.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 02 Jan 2018 14:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283040
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
30575
x-xss-protection
1; mode=block
server
cafe
etag
13856620469708125589
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2018 14:39:23 GMT
/
www.facebook.com/impression.php/f2f55701ed12e64/
43 B
0
Image
General
Full URL
https://www.facebook.com/impression.php/f2f55701ed12e64/?api_key=131531713583995&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/impression.php/f2f55701ed12e64/?api_key=131531713583995&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
no-cache
x-fb-debug
8Je8NgN+ID+rmPBuEPZ92F1PMgtHtA9rQVcPWsIzNcdZyAOBrzW69riigfmqdsXMEc2ABkxOeHfBb5oLuKA85A==
date
Fri, 05 Jan 2018 21:16:43 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-14/html/
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-14/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js
Protocol
HTTP/1.1
Server
2a00:1450:400e:804::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Purpose
prefetch
Accept-Encoding
gzip, deflate
Host
tpc.googlesyndication.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Purpose
prefetch
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 01:20:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 08 Nov 2017 03:31:33 GMT
Server
sffe
Age
1972557
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, immutable, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1579
X-XSS-Protection
1; mode=block
Expires
Fri, 14 Dec 2018 01:20:46 GMT
ads
securepubads.g.doubleclick.net/gampad/
333 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3797354252236198&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21060362%2C21061149&sc=0&sfv=1-0-14&iu_parts=10518929%2Ctmnp.afterdawn%2Cdownload%2Ca0-p0-s1%2Ca0-p0-s2%2Ca0-p0-s0&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5&prev_iu_szs=728x90%7C970x66%7C970x90%7C970x250%2C300x250%2C120x600%7C160x600%2C728x91%7C970x67%7C970x91%7C970x251%2C300x251%2C1x1&ists=1&prev_scp=_wb%3D7%26adunit%3Ddiv-gpt-ad-tmn-top-leaderboard%26id%3Dba578f30-f25d-11e7-8c0b-70106fb72758%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26pub%3D40%7C_wb%3D8%26adunit%3Ddiv-gpt-ad-tmn-atf-rectangle%26id%3Dba578f31-f25d-11e7-8c0b-70106fb72758%26vw%3D40%26grm%3D40%26pub%3D40%7C_wb%3D9%26adunit%3Ddiv-gpt-ad-tmn-atf-skyscraper%26id%3Dba578f33-f25d-11e7-8c0b-70106fb72758%26vw%3D40%26grm%3D40%26pub%3D40%7C_wb%3D10%26adunit%3Ddiv-gpt-ad-tmn-btf-leaderboard%26id%3Dba578f37-f25d-11e7-8c0b-70106fb72758%26vw%3D40%26grm%3D40%26pub%3D40%7C_wb%3D11%26adunit%3Ddiv-gpt-ad-tmn-btf-rectangle-2%26id%3Dba578f38-f25d-11e7-8c0b-70106fb72758%26vw%3D40%2C50%26grm%3D40%26pub%3D40%7C_wb%3D13%26adunit%3Ddiv-gpt-ad-oop&cust_params=_rid%3D8499512306621015119%26partner%3Dy%26site%3Dtmnp.afterdawn%26TUUID%3DCCFEC5C00F434B7CB1E1298A2A81F84B%26_c%3D1%26stype%3Ddownload%26_pgid%3D6af121a9%26mcat%3Di328%252Ci353%26urlhash%3DFjkLDArZyGN%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3Dmedium%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26_sw1600%3D1%26_sh1080%3D1%26_ex%3D%257C6%257C4%257C5%257C&cookie_enabled=1&abxe=1&lmt=1515187003&dt=1515187003320&frm=20&biw=1585&bih=1200&oid=3&adxs=550%2C-9%2C1298%2C429%2C316%2C792&adys=58%2C-9%2C203%2C1206%2C921%2C1591&adks=2981548604%2C722484989%2C3736509422%2C2713415314%2C1739215249%2C3235759250&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&dssz=51&icsg=8724152960&std=0&vrg=170&vis=1&scr_x=0&scr_y=0&ga_vid=69328032.1515187003&ga_sid=1515187003&ga_hid=571022591&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
4957709822bd63bfaf8df49960e6767d28e87e15cb181dfd31b9ef08f59bc8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=3797354252236198&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21060362%2C21061149&sc=0&sfv=1-0-14&iu_parts=10518929%2Ctmnp.afterdawn%2Cdownload%2Ca0-p0-s1%2Ca0-p0-s2%2Ca0-p0-s0&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5&prev_iu_szs=728x90%7C970x66%7C970x90%7C970x250%2C300x250%2C120x600%7C160x600%2C728x91%7C970x67%7C970x91%7C970x251%2C300x251%2C1x1&ists=1&prev_scp=_wb%3D7%26adunit%3Ddiv-gpt-ad-tmn-top-leaderboard%26id%3Dba578f30-f25d-11e7-8c0b-70106fb72758%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26pub%3D40%7C_wb%3D8%26adunit%3Ddiv-gpt-ad-tmn-atf-rectangle%26id%3Dba578f31-f25d-11e7-8c0b-70106fb72758%26vw%3D40%26grm%3D40%26pub%3D40%7C_wb%3D9%26adunit%3Ddiv-gpt-ad-tmn-atf-skyscraper%26id%3Dba578f33-f25d-11e7-8c0b-70106fb72758%26vw%3D40%26grm%3D40%26pub%3D40%7C_wb%3D10%26adunit%3Ddiv-gpt-ad-tmn-btf-leaderboard%26id%3Dba578f37-f25d-11e7-8c0b-70106fb72758%26vw%3D40%26grm%3D40%26pub%3D40%7C_wb%3D11%26adunit%3Ddiv-gpt-ad-tmn-btf-rectangle-2%26id%3Dba578f38-f25d-11e7-8c0b-70106fb72758%26vw%3D40%2C50%26grm%3D40%26pub%3D40%7C_wb%3D13%26adunit%3Ddiv-gpt-ad-oop&cust_params=_rid%3D8499512306621015119%26partner%3Dy%26site%3Dtmnp.afterdawn%26TUUID%3DCCFEC5C00F434B7CB1E1298A2A81F84B%26_c%3D1%26stype%3Ddownload%26_pgid%3D6af121a9%26mcat%3Di328%252Ci353%26urlhash%3DFjkLDArZyGN%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3Dmedium%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26_sw1600%3D1%26_sh1080%3D1%26_ex%3D%257C6%257C4%257C5%257C&cookie_enabled=1&abxe=1&lmt=1515187003&dt=1515187003320&frm=20&biw=1585&bih=1200&oid=3&adxs=550%2C-9%2C1298%2C429%2C316%2C792&adys=58%2C-9%2C203%2C1206%2C921%2C1591&adks=2981548604%2C722484989%2C3736509422%2C2713415314%2C1739215249%2C3235759250&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&dssz=51&icsg=8724152960&std=0&vrg=170&vis=1&scr_x=0&scr_y=0&ga_vid=69328032.1515187003&ga_sid=1515187003&ga_hid=571022591&ga_fc=true
pragma
no-cache
cookie
IDE=AHWqTUnG5qwVqf4wr4ldAxR15IwlVF0lfmdgxVewk7p1CtCWzHxeAIjO4A
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 21:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
89098
x-xss-protection
1; mode=block
google-lineitem-id
-1,-1,-1,-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_170.js
securepubads.g.doubleclick.net/gpt/
12 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_170.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
sffe /
Resource Hash
aa99279e9958d454df0cb54e1eededb3876876f6f43b1946dbc51489f947ace8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gpt/pubads_impl_rendering_170.js
pragma
no-cache
cookie
IDE=AHWqTUnG5qwVqf4wr4ldAxR15IwlVF0lfmdgxVewk7p1CtCWzHxeAIjO4A
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 21:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Dec 2017 19:12:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
5223
x-xss-protection
1; mode=block
expires
Fri, 05 Jan 2018 21:16:43 GMT
ads
securepubads.g.doubleclick.net/gampad/
470 B
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3797354252236198&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21060362%2C21061149&sc=0&sfv=1-0-14&iu_parts=1013040%2CAfterDawn%2Ca0-p0-s0&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=238x1&prev_scp=_wb%3D12%26adunit%3Ddiv-gpt-ad-tmn-textlink%26id%3Dba578f39-f25d-11e7-8c0b-70106fb72758%26vw%3D40%26grm%3D40%26pub%3D40&cust_params=_rid%3D8499512306621015119%26partner%3Dy%26site%3Dtmnp.afterdawn%26TUUID%3DCCFEC5C00F434B7CB1E1298A2A81F84B%26_c%3D1%26stype%3Ddownload%26_pgid%3D6af121a9%26mcat%3Di328%252Ci353%26urlhash%3DFjkLDArZyGN%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3Dmedium%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26_sw1600%3D1%26_sh1080%3D1%26_ex%3D%257C6%257C4%257C5%257C&cookie_enabled=1&abxe=1&lmt=1515187003&dt=1515187003335&frm=20&biw=1585&bih=1200&oid=3&adxs=313&adys=252&adks=3872815048&gut=v2&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&dssz=53&icsg=703696165929600&std=0&vrg=170&vis=1&scr_x=0&scr_y=0&ga_vid=69328032.1515187003&ga_sid=1515187003&ga_hid=571022591&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_170.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
c8ef31f9a1ebc53a61af679a620f30a0eb560e797c25ec82179991d97a7fdb5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=3797354252236198&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21060362%2C21061149&sc=0&sfv=1-0-14&iu_parts=1013040%2CAfterDawn%2Ca0-p0-s0&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=238x1&prev_scp=_wb%3D12%26adunit%3Ddiv-gpt-ad-tmn-textlink%26id%3Dba578f39-f25d-11e7-8c0b-70106fb72758%26vw%3D40%26grm%3D40%26pub%3D40&cust_params=_rid%3D8499512306621015119%26partner%3Dy%26site%3Dtmnp.afterdawn%26TUUID%3DCCFEC5C00F434B7CB1E1298A2A81F84B%26_c%3D1%26stype%3Ddownload%26_pgid%3D6af121a9%26mcat%3Di328%252Ci353%26urlhash%3DFjkLDArZyGN%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3Dmedium%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26_sw1600%3D1%26_sh1080%3D1%26_ex%3D%257C6%257C4%257C5%257C&cookie_enabled=1&abxe=1&lmt=1515187003&dt=1515187003335&frm=20&biw=1585&bih=1200&oid=3&adxs=313&adys=252&adks=3872815048&gut=v2&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod&dssz=53&icsg=703696165929600&std=0&vrg=170&vis=1&scr_x=0&scr_y=0&ga_vid=69328032.1515187003&ga_sid=1515187003&ga_hid=571022591&ga_fc=true
pragma
no-cache
cookie
IDE=AHWqTUnG5qwVqf4wr4ldAxR15IwlVF0lfmdgxVewk7p1CtCWzHxeAIjO4A
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 21:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
338
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bk-coretag.js
tags.bkrtx.com/js/
38 KB
0
Script
General
Full URL
http://tags.bkrtx.com/js/bk-coretag.js?referer=
Requested by
Host: ads.servebom.com
URL: http://ads.servebom.com/tmntag.js?v=1.2&r=2971&o={%22f%22:%22%22,%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22g%22:{%22stype%22:%22download%22},%22l%22:%22http%3A%2F%2Fwww.afterdawn.com%2Fsoftware%2Fgeneral%2Fdownload_splash.cfm%2Fsharepod%22,%22tt%22:%22Downloading%20SharePod%20v3.9.9...%22,%22fs%22:1,%22a%22:[{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22z%22:[[728,90],[970,66],[970,90],[970,250]],%22d%22:%22div-gpt-ad-tmn-top-leaderboard%22,%22g%22:{}},{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22z%22:[[300,250]],%22d%22:%22div-gpt-ad-tmn-atf-rectangle%22,%22g%22:{}},{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22z%22:[[120,600],[160,600]],%22d%22:%22div-gpt-ad-tmn-atf-skyscraper%22,%22g%22:{}},{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22z%22:[[728,91],[970,67],[970,91],[970,251]],%22d%22:%22div-gpt-ad-tmn-btf-leaderboard%22,%22g%22:{}},{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22z%22:[[300,251]],%22d%22:%22div-gpt-ad-tmn-btf-rectangle-2%22,%22g%22:{}},{%22s%22:%22/1013040/AfterDawn%22,%22z%22:[238,1],%22d%22:%22div-gpt-ad-tmn-textlink%22,%22g%22:{}},{%22s%22:%22/10518929/tmnp.afterdawn/download%22,%22d%22:%22div-gpt-ad-oop%22,%22g%22:{}}],%22t%22:%222018-01-05%2021:16:42%22,%22ck%22:{},%22tz%22:0,%22r%22:%221600x1200%22,%22rf%22:%22%22}&at=bnj
Protocol
HTTP/1.1
Server
104.111.232.108 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-232-108.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6de9ced41ed54dbfc4f51abfeb65d843bd8dd33a45cbb773ecf5f92d065dd52

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tags.bkrtx.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 May 2017 21:04:06 GMT
ETag
"991c-5505f8fb7697f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13297
Expires
Fri, 12 Jan 2018 21:16:43 GMT
multi-sync.js
assets.rubiconproject.com/utils/xapi/
1 KB
0
Script
General
Full URL
http://assets.rubiconproject.com/utils/xapi/multi-sync.js
Requested by
Host: ads.servebom.com
URL: http://ads.servebom.com/tmnhead.js
Protocol
HTTP/1.1
Server
2.21.246.11 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
29dbea3ab6cfd4bc026f89e3061ef871d4ba1f3592befd6bc680f8980d8c0d8c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
assets.rubiconproject.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Dec 2017 12:20:28 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=16114
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
642
Expires
Sat, 06 Jan 2018 01:45:17 GMT
bg_large_dl.gif
cdn1.afterdawn.fi/v4/topBar/
3 KB
0
Image
General
Full URL
http://cdn1.afterdawn.fi/v4/topBar/bg_large_dl.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Protocol
HTTP/1.1
Server
195.181.174.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
090656fcafc93c4055e1709a5c6625933f6c66e99502f6cca0cbf89182c81711

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
cdn1.afterdawn.fi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 05 Jan 2018 21:16:43 GMT
Last-Modified
Mon, 29 Jun 2009 10:44:40 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"3103705891"
X-Cache
HIT
Content-Type
image/gif
Cache-Control
max-age=31104000
X-Edge-IP
195.181.174.1
Connection
keep-alive
Accept-Ranges
bytes
X-Age
2211666
Content-Length
3037
Expires
Thu, 06 Dec 2018 06:55:37 GMT
Cookie set partner
ads.servebom.com/
Redirect Chain
  • http://pixel-us-east.rubiconproject.com/exchange/sync.php?p=11868
  • http://ads.servebom.com/partner?svc=us&id=19&uid=JC2F7YGV-1V-DINT
43 B
0
Image
General
Full URL
http://ads.servebom.com/partner?svc=us&id=19&uid=JC2F7YGV-1V-DINT
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
HTTP/1.1
Server
34.249.51.231 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-51-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ads.servebom.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Cookie
u=CCFEC5C00F434B7CB1E1298A2A81F84B; ud=20180105211642+0000; a.5076="1:1515187002481:86400"; a.7035="1:1515187002481:86400"; a.5393="1:1515187002481:86400"; a.4080="1:1515187002481:86400"; a.5403="1:1515187002481:86400"; a.4973="1:1515187002481:86400"; a.5622="1:1515187002481:86400"; a.5402="1:1515187002481:86400"; a.5401="1:1515187002481:86400"; a.5367="1:1515187002481:86400"; a.4100="1:1515187002481:86400"; a.7034="1:1515187002481:86400"; a.5801="1:1515187002481:86400"; a.4514="1:1515187002481:86400"; a.5404="1:1515187002481:86400"; ramp_session=5590A638E55E40C7A3F2EF4B79D52DF7; up_23=2238143575827756157; up_25=2238143575827756157; up_26=2238143575827756157; up_29=2238143575827756157; up_33=2238143575827756157; up_14=9736910552923801883; up_17=Eh2Ce8NuqE14; up_2=Wk-rOrlQJrkAACpK6s8AAADc&1148; up_9=ba46f559-f25d-11e7-a228-0219060f95f2; up_46=93C8538F-9966-44C1-A25C-F5336ADEA717; up_22=8856061f-d6ac-0a5f-34d8-5cf373741138; up_31=4c091cd8-ae27-4f33-8644-edab3c1dfe2a; up_24=e9767c2c4a2d50be4c002ec8; a.4764="1:1515187002951:1209600"; a.5368="1:1515187002951:86400"; cm_5978=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Encoding
gzip
Set-Cookie
up_19=JC2F7YGV-1V-DINT; Expires=Sun, 04 Feb 2018 21:16:44 GMT; Path=/; Domain=ads.servebom.com
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Length
57
Connection
keep-alive
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2018 21:16:43 GMT
Server
Rubicon Project
Connection
keep-alive
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
http://ads.servebom.com/partner?svc=us&id=19&uid=JC2F7YGV-1V-DINT
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
khaos=JC2F7YGV-1V-DINT; Domain=.rubiconproject.com; Expires=Sat, 07-Jul-2018 09:16:44 GMT; Path=/
Content-Length
0
X-RPHost
3IgKnIcX8z-RbB85BkMRow
Expires
0
nr-1071.min.js
js-agent.newrelic.com/
23 KB
0
Script
General
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.afterdawn.com
URL: http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

:path
/nr-1071.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
js-agent.newrelic.com
referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
:scheme
https
:method
GET
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 05 Jan 2018 21:16:44 GMT
content-encoding
gzip
x-amz-request-id
5EA69B9E407DB8D1
x-cache
HIT
status
200
content-length
9086
x-amz-id-2
UmIzaBjWpP1dp8unLzp1UKU8AKexnFQRjzIBXsOEawuxNZTvApIKl37QGTZIrusQacKN80XwG98=
x-served-by
cache-hhn1535-HHN
last-modified
Tue, 14 Nov 2017 18:09:22 GMT
server
AmazonS3
x-timer
S1515187004.394906,VS0,VE0
etag
"a1a545c95f313a230157b47dca555c25"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
71569
Cookie set a60c345c66
bam.nr-data.net/1/
57 B
0
Script
General
Full URL
https://bam.nr-data.net/1/a60c345c66?a=68128913&v=1071.385e752&to=YVFbMhBSCkBSVkRYWlgbagMQRQhWRxpzd3h6Z1wUFF8BRw%3D%3D&rst=2506&ref=http://www.afterdawn.com/software/general/download_splash.cfm/sharepod&ap=466&be=511&fe=2472&dc=964&perf=%7B%22timing%22:%7B%22of%22:1515187001897,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:17,%22rq%22:17,%22rp%22:504,%22rpe%22:521,%22dl%22:506,%22di%22:964,%22ds%22:964,%22de%22:992,%22dc%22:2472,%22l%22:2472,%22le%22:2485%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bam.nr-data.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.afterdawn.com/software/general/download_splash.cfm/sharepod
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Set-Cookie
JSESSIONID=b6e20848c32a2059;Path=/;Domain=.nr-data.net;Secure
Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onafterprint object| onbeforeprint object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| amznads string| TMNAPI_VERSION string| TMNTAG_VERSION string| TMNTAGVIDEOREFRESH_VERSION number| PREBID_TIMEOUT number| VIDEO_REFRESH_TIMEOUT object| googletag function| tmntag_registerMouseOver function| tmntag_processInContent function| tmntag_isInlineMarkup function| tmntag_inlineMarkup function| tmntag_defineAdUnit function| tmntag_defineSlot function| tmntag_setGptLoaded function| tmntag_clientDim function| tmntag_autorefresh function| tmntag_inview function| tmntag_topLocation function| tmntag_referrer object| tmntag object| tmntagCache function| MultipleIncontent function| tmntag_checkCommands function| PurchInContent function| PurchStickyColumn function| _tmnSyncRBX string| aaxID object| baseObj function| tmntag_ready function| tmntag_getAdUnit function| tmntag_timestamp function| tmntag_inIframe function| tmntag_IEVersion function| tmntag_isArray function| tmntag_getAdunitFromCache function| tmntag_getLastAdunitWithPrefixFromCache function| tmntag_supportsFlash boolean| tmntag_gptloaded object| tmntag_callbacks boolean| tmntag_il object| tmntagDisplayed number| w number| h function| tmntag_removeByAttrValue function| tmntag_filterAdUnitsByIds function| tmntag_getFacebookId function| tmntag_getDigitrustId function| tmntag_serializeState function| tmntag_refreshNoWait function| tmntag_redirect function| tmntag_triggerEvent function| tmntag_disableAdunit function| tmntag_enableAdunit boolean| tmntag_executingStart function| tmntag_findURL function| tmntag_passback function| tmntag_applyAdunitStyle function| tmntag_render function| tmntag_checkIfLazyLoaded function| tmntag_writeToDocument function| tmntag_debounce object| targeting number| viewportWidth boolean| isTouch undefined| hideSkyScraper object| viewportSize object| cookieconsent_options function| amzn_ads function| aax_write function| amznMatchCookie function| aax_render_ad function| _typeof object| amznpassback object| _comscore object| _gaq boolean| showTopAdvertisement undefined| adParams object| tickerBar number| tickerBarCounter number| tickerCycleTime number| tickerCycleTimeout function| tickerBarCycle object| adsbygoogle object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken function| google_spfd number| google_unique_id object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy function| countClick function| uutiskirje number| monitorAdspaceTimeout number| monitorAdspaceTime number| monitorAdspaceIframeCount number| monitorAdspaceIframeMax function| monitorAdspace function| udm_ object| ns_p object| COMSCORE object| _gat object| gaGlobal function| DP_jQuery_1515187002851 object| contentWidth function| dropdownClose function| dropdownCloseAll function| dropdownShow object| language number| errorDisplaytimeout function| trackClick function| toggleSearchType function| toggleAdvancedSearch function| showInputDefault function| clearInputDefault function| changeContent string| apiURL string| loginCurrentForm string| errorMessageContainer object| emailAddressRegexp function| validateLoginForm function| submitLoginForm object| _qoptions function| quantserve function| __qc object| _qevents object| ezt function| fbAsyncInit object| adNames object| ___gcfg object| gapi object| ___jsl object| ___gu function| sbi_sync_user object| google_persistent_state_async object| google_reactive_ads_global_state object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_onload_fired object| FB object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| GPT_jstiming function| Goog_AdSense_OsdAdapter string| ref object| e string| prop number| TMNTAG_READY string| requestid string| experiments string| divid boolean| google_noFetch boolean| google_DisableInitialLoad object| closure_memoize_cache_ string| CONFIANT_WRAPPER_ID function| confiantWrap function| bk_async object| google_timing_params object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut function| google_osd_amcb

80 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.rubiconproject.com/ Name: put_2596
Value: 1174665450078810386
.rubiconproject.com/ Name: put_1512
Value: 327c5a4f-e838-4b00-ad84-cc820170331f
.rubiconproject.com/ Name: put_4968
Value: 2238143575827756157
tap2-cdn.rubiconproject.com/ Name: pux
Value: 1512%3D70245%262146%3D70245%262238%3D70245%262307%3D70245%262596%3D70245%262676%3D70245%264968%3D70245%26w55c%3D70245%26
.openx.net/ Name: i
Value: 8856061f-d6ac-0a5f-34d8-5cf373741138|1515187002
.casalemedia.com/ Name: CMRUM3
Value: 045a4feb3a27607319033340313689013&275a4feb3b2760f1759a87-d61b-45bc-a6c4-599b45853a4c&035a4feb3b2760327c5a4f-e838-4b00-ad84-cc820170331f&475a4feb3a05a0&395a4feb3b27601184798549227738540&2d5a4feb3b2760CAESEBdLLt1ERZzFNHiaWG1CRXM&425a4feb3a05a0&6b5a4feb3b2760AB-1Ery_9OlnG-RtRo81CrLUQ
.casalemedia.com/ Name: CMPS
Value: 3216
.casalemedia.com/ Name: CMID
Value: Wk-rOrlQJrkAACpK6s8AAADc
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1742922720015792374
.casalemedia.com/ Name: CMPRO
Value: 1148
.pubmatic.com/ Name: SPugT
Value: 1515187003
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEI-5OSZs19Qd9d34IO_xG88&KRTB&22987-CAESEI-5OSZs19Qd9d34IO_xG88&KRTB&22995-CAESEI-5OSZs19Qd9d34IO_xG88
.rubiconproject.com/ Name: rpb
Value: 14240%3D1%267430%3D1%26377322%3D1%264210%3D1%264222%3D1%2613490%3D1%268981%3D1
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: PugT
Value: 1515187003
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Wk-rOgAAAbAUOCma&KRTB&22922-Wk-rOgAAAbAUOCma&KRTB&22978-Wk-rOgAAAbAUOCma
.pubmatic.com/ Name: SyncRTB2
Value: 1516320000%3A98_22_21_56_81%7C1515369600%3A175
.rubiconproject.com/ Name: put_2238
Value: dc72f1d1-0653-4246-8936-86e0ce31b747
.pubmatic.com/ Name: DPSync2
Value: 1517702400%3A102%7C1515196800%3A173_174
.afterdawn.com/ Name: __gads
Value: ID=62f2b584985ad391:T=1515187003:S=ALNI_MZ8WpcfqpVqnB-MJagsZM_qUZ9GKg
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.ads.servebom.com/ Name: cm_5978
Value: 1
.ads.servebom.com/ Name: a.5368
Value: "1:1515187002951:86400"
.ads.servebom.com/ Name: up_24
Value: e9767c2c4a2d50be4c002ec8
.doubleclick.net/ Name: IDE
Value: AHWqTUnG5qwVqf4wr4ldAxR15IwlVF0lfmdgxVewk7p1CtCWzHxeAIjO4A
.ads.servebom.com/ Name: up_31
Value: 4c091cd8-ae27-4f33-8644-edab3c1dfe2a
.ads.servebom.com/ Name: up_9
Value: ba46f559-f25d-11e7-a228-0219060f95f2
.casalemedia.com/ Name: CMST
Value: Wk-rOlpP6zsA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 93C8538F-9966-44C1-A25C-F5336ADEA717
.rubiconproject.com/ Name: put_2307
Value: 533d1258-300f-490a-a369-7d724cfefe1d
.ads.servebom.com/ Name: up_2
Value: Wk-rOrlQJrkAACpK6s8AAADc&1148
.ads.servebom.com/ Name: a.5801
Value: "1:1515187002481:86400"
.ads.servebom.com/ Name: up_17
Value: Eh2Ce8NuqE14
.ads.servebom.com/ Name: a.5401
Value: "1:1515187002481:86400"
.ads.servebom.com/ Name: up_29
Value: 2238143575827756157
.ads.servebom.com/ Name: a.4764
Value: "1:1515187002951:1209600"
.afterdawn.com/ Name: __utmb
Value: 101350609.2.10.1515187003
.ads.servebom.com/ Name: up_26
Value: 2238143575827756157
.bluekai.com/ Name: bku
Value: s9y99eFgENGGBEOe
.pubmatic.com/ Name: pi
Value: 46338:2
.casalemedia.com/ Name: CMDD
Value:
.ads.servebom.com/ Name: up_25
Value: 2238143575827756157
.ads.servebom.com/ Name: a.5393
Value: "1:1515187002481:86400"
.ads.servebom.com/ Name: a.5402
Value: "1:1515187002481:86400"
.ads.servebom.com/ Name: up_23
Value: 2238143575827756157
.ads.servebom.com/ Name: up_46
Value: 93C8538F-9966-44C1-A25C-F5336ADEA717
.ads.servebom.com/ Name: ramp_session
Value: 5590A638E55E40C7A3F2EF4B79D52DF7
.ads.servebom.com/ Name: a.4514
Value: "1:1515187002481:86400"
.impdesk.com/ Name: idb
Value: Wk_rO6EZCAAPXCCvWk_rO6g_ZIk
.openx.net/ Name: pd
Value: v2|1515187003|cP968U9chk90e7938R8X
.ads.servebom.com/ Name: a.7034
Value: "1:1515187002481:86400"
.ads.servebom.com/ Name: a.5076
Value: "1:1515187002481:86400"
.ads.servebom.com/ Name: a.4080
Value: "1:1515187002481:86400"
.rubiconproject.com/ Name: put_2676
Value: 1742922720015792374
.ads.servebom.com/ Name: a.5367
Value: "1:1515187002481:86400"
.ads.servebom.com/ Name: up_19
Value: JC2F7YGV-1V-DINT
.ads.servebom.com/ Name: a.5404
Value: "1:1515187002481:86400"
tap2-cdn.rubiconproject.com/ Name: cd
Value: false
.ads.servebom.com/ Name: a.4973
Value: "1:1515187002481:86400"
.rubiconproject.com/ Name: khaos
Value: JC2F7YGV-1V-DINT
.ads.servebom.com/ Name: u
Value: CCFEC5C00F434B7CB1E1298A2A81F84B
.afterdawn.com/ Name: __utmt_1
Value: 1
.casalemedia.com/ Name: CMSC
Value: Wk-rOg**
.ads.servebom.com/ Name: a.7035
Value: "1:1515187002481:86400"
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bluekai.com/ Name: bkdc
Value: iad
.ads.servebom.com/ Name: up_22
Value: 8856061f-d6ac-0a5f-34d8-5cf373741138
.afterdawn.com/ Name: __qca
Value: P0-1846013749-1515187002931
.ads.servebom.com/ Name: ud
Value: 20180105211642+0000
.afterdawn.com/ Name: __utma
Value: 101350609.69328032.1515187003.1515187003.1515187003.1
.ads.servebom.com/ Name: a.4100
Value: "1:1515187002481:86400"
.rubiconproject.com/ Name: put_1523
Value: L2PZwZsB1Exzm35
.ads.servebom.com/ Name: a.5622
Value: "1:1515187002481:86400"
.ads.servebom.com/ Name: up_14
Value: 9736910552923801883
.afterdawn.com/ Name: __utmz
Value: 101350609.1515187003.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.ads.servebom.com/ Name: a.5403
Value: "1:1515187002481:86400"
.ads.servebom.com/ Name: up_33
Value: 2238143575827756157
.afterdawn.com/ Name: __utmt_2
Value: 1
.afterdawn.com/ Name: __utmc
Value: 101350609

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad.afy11.net
ads.servebom.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
apis.google.com
assets.rubiconproject.com
b.scorecardresearch.com
bam.nr-data.net
bh.contextweb.com
c.amazon-adsystem.com
cdn.afterdawn.fi
cdn0.afterdawn.fi
cdn1.afterdawn.fi
cdn2.afterdawn.fi
cdn3.afterdawn.fi
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
eb2.3lift.com
edge.quantserve.com
ib.adnxs.com
js-agent.newrelic.com
js.deliverybundlessign.com
match.adsrvr.org
match.basebanner.com
match.taboola.com
mid.rkdms.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
purch-sync.go.sonobi.com
rules.quantcount.com
securepubads.g.doubleclick.net
stuff.afterdawn.com
sync.go.sonobi.com
sync.mathtag.com
sync.rhythmxchange.com
tags.bkrtx.com
tpc.googlesyndication.com
trc.taboola.com
us-u.openx.net
www.afterdawn.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
x.bidswitch.net
104.111.232.108
151.101.112.166
151.101.114.110
151.101.114.2
151.101.114.49
162.247.242.21
172.217.18.162
173.241.240.143
184.169.177.13
185.29.135.233
195.181.174.7
2.21.246.10
2.21.246.11
2.21.246.91
216.58.207.34
23.92.190.69
2600:9000:2002:5200:6:44e3:f8c0:93a1
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:820::2002
2a00:1450:4001:824::2002
2a00:1450:4001:824::200e
2a00:1450:400e:804::2001
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.233.214.145
34.249.51.231
35.187.29.235
37.252.172.12
52.17.204.197
52.19.190.60
52.48.166.254
52.58.201.177
52.94.218.7
54.192.131.56
54.240.184.219
74.117.199.102
8.41.222.241
8.43.72.97
81.171.25.242
81.171.25.243
95.172.94.55
00d8574968fd87dad2bb6bf17a05308015236a1f9b5465460d9f48d0bedd9aff
0356044214bfbedb4744e88e7b07a853ac4fa09bb7381832e48886d6d4b7096e
090656fcafc93c4055e1709a5c6625933f6c66e99502f6cca0cbf89182c81711
0adfdc4b799a5617ede4468dcee82145e68cfb0441070ccbd4fb340e0e29b3f5
1fbe24b21193812798bf4ff10c185dc6dc16534f381f5a3aeae66f0d9fabdaad
2765f19e4006f59fde185d5a51950cb3c832fa2adada3efea6aedf06ad3165f6
29dbea3ab6cfd4bc026f89e3061ef871d4ba1f3592befd6bc680f8980d8c0d8c
2e4dbbba024782d7ca41fb2cdbd99c86434f98e2fef974e8c07b9f23e2c3e5d8
3862325a0930447233fd0b1aacb3d9be10a028120508aeb400c68d5a8a4cf9e9
3a354e0441c135d886a89e51fdafea199d6d6b4dc4669e7d817f610014a27094
3e9b1e419ce53f556d21d94b8e3deb4cc772040d5b871a3fe1412f1d42fc0b49
413e24db425417fa28a81af600ef7cdd50df8ba038b0991b8cfc66b8b891242b
4957709822bd63bfaf8df49960e6767d28e87e15cb181dfd31b9ef08f59bc8b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
5a76e3569cde5d411757062c34c597c8239bb23804b5a5291baf45134354f2a1
5a8ad40f18c6232e83734bc1089b95ccaf5f53ba136972555dae3d339b319d69
5add489a25395c3ce162a037b00c89529b40490f4c89674c1d345c09e5c87376
5d151f2dc88eb2a0674df4997d5748949d5e6d5e70a0ed72906de3000122b7ab
5e4b3bc24864623f5dad7ef3653aa6a19f5fbfe32d5577b3583da90c107c082e
5ef8759851ebb2b7c39b9448480a867a26f1c0c6dcbb6211424055cf725f6ec3
6a700bb2a9bebc84a5ec198bfade1559fa6ce736ccdc015f463fa90468592cd8
7c2c58fc24e2d3458b88680cfad4577011697df9a1406808f2f7d8f46060d8a7
7c7e696a1f779d7e66369e32c336da071da0e79e141b10c840b8e8d03ff21f1a
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
96979e6c06d04937abfb713eca3515ce0550a4ec28ca6dc7aaa634f89f3c8396
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a46267bc2b4c50a76bd11e8cbae1c31d16826a6fe3db3016cc91d8436ab709e4
a843b9c5d51c9525475b62a37742bc2b2e812a6a23699b47cc0c4035606ed514
aa99279e9958d454df0cb54e1eededb3876876f6f43b1946dbc51489f947ace8
ac31e65f64bf0f367c231d0da2ae8da3de5a04f3ff2387dbd70221719939941a
b5c0221dba550b6aeb6b03c1e417c256ae40cb8667d6b5defac484fa22f7a7e0
c33288db3c8e2991eb26c0f57b406d821613775ab80fd7e21f9fda9f960151e2
c6e76ef1344c1464e59530e4d00bd69dca06e6ac417282fcdbfe65551ca80f28
c8ef31f9a1ebc53a61af679a620f30a0eb560e797c25ec82179991d97a7fdb5d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb0b5796c28242e8bfb982df2a6098ddf52e040cea29b6fdd379a65ad00071ca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d4eaba3489683c6d35d078e2e789737c085472b9580a5b55b4860685e9ebf981
d694fd870b2b8a510f089f600942ea4afef7c42bc23135d6a7de59f516ab0b33
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e247fc0445afcc487cf76418f4066a44970eec59afdef991758ee9d228f460eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8802d2af0ac8a4c64ba7f608b99ca0dfdb9b0a97854c8156d9c867de767ba2b
ea51bd07406335b7020cc59c28b8df1c93593200222b3136e4ef056e13c4fe4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11f9e7a7b43ec2de3ea9137553669010def8299f808b5e4348db56f6b050982
f2939efb1a63092990f4de37d5f945eaef9a3ea061420dbdb6aa004a3884662d
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f6de9ced41ed54dbfc4f51abfeb65d843bd8dd33a45cbb773ecf5f92d065dd52
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
fefd649f02a86c02433ae99df5e829cc428e9ef8a0b7dadbe59cc972bd9d6f1c