rubistar.4teachers.org Open in urlscan Pro
166.78.24.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rubistar.4teachers.org/
Effective URL:
http://rubistar.4teachers.org/index.php
Submission: On June 28 via manual (June 28th 2022, 4:19:05 pm UTC) from CA — Scanned from CA

Summary HTTP 137 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 24 domains to perform 137 HTTP transactions. The main IP is 166.78.24.46, located in United States and belongs to RMH-14, US. The main domain is rubistar.4teachers.org.

This is the only time rubistar.4teachers.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	166.78.24.46 166.78.24.46	33070 (RMH-14) (RMH-14)
1	2606:4700:440... 2606:4700:4400::6812:23ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800b... 2620:116:800b:21:f059:4f7e:28a9:1588	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.149.112 65.9.149.112	16509 (AMAZON-02) (AMAZON-02)
7 37	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	65.9.149.113 65.9.149.113	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1 4	3.223.70.168 3.223.70.168	14618 (AMAZON-AES) (AMAZON-AES)
2	172.64.155.149 172.64.155.149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20d... 2600:9000:20d1:8a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	65.9.149.65 65.9.149.65	16509 (AMAZON-02) (AMAZON-02)
13	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.126.92 35.190.126.92	15169 (GOOGLE) (GOOGLE)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
19	2607:f8b0:400... 2607:f8b0:4006:824::2006	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
2 2	54.187.162.41 54.187.162.41	16509 (AMAZON-02) (AMAZON-02)
1	18.210.147.45 18.210.147.45	14618 (AMAZON-AES) (AMAZON-AES)
1 1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	107.23.25.2 107.23.25.2	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
4	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
15	2600:1f18:1ac... 2600:1f18:1aca:4280:702:b69e:e28a:c3ba	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
1	54.187.35.166 54.187.35.166	16509 (AMAZON-02) (AMAZON-02)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	184.50.205.90 184.50.205.90	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	69.12.8.74 69.12.8.74	11742 (SPOTX-IAD) (SPOTX-IAD)
1 2	2600:9000:20d... 2600:9000:20d1:2200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
1 2	2620:116:800b... 2620:116:800b:21:a021:b886:81cc:55cf	14618 (AMAZON-AES) (AMAZON-AES)
137	25

21 166.78.24.46 (United States)

ASN33070 (RMH-14, US)

rubistar.4teachers.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:23ee (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.149.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-149-112.qro51.r.cloudfront.net

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2606:4700:4400::ac40:98f5 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnx.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.149.113 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-149-113.qro51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.223.70.168 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-70-168.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.155.149 (United States)

ASN13335 (CLOUDFLARENET, US)

a4.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.70 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20d1:8a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.149.65 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-149-65.qro51.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:81f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.126.92 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 92.126.190.35.bc.googleusercontent.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:824::2006 (New York, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.162.41 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-162-41.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.147.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-147-45.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.25.2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-25-2.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:1f18:1aca:4280:702:b69e:e28a:c3ba (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.35.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-35-166.us-west-2.compute.amazonaws.com

cendantchg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.50.205.90 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.12.8.74 (Ashburn, United States) 2 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20d1:2200:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:a021:b886:81cc:55cf (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	tribalfusion.com 7 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 cdnx.tribalfusion.com — Cisco Umbrella Rank: 14038 a4.tribalfusion.com — Cisco Umbrella Rank: 34067 s.tribalfusion.com — Cisco Umbrella Rank: 2209	43 KB
22	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 536 static.adsafeprotected.com — Cisco Umbrella Rank: 562 fw.adsafeprotected.com — Cisco Umbrella Rank: 771 dt.adsafeprotected.com — Cisco Umbrella Rank: 481	191 KB
21	4teachers.org rubistar.4teachers.org	58 KB
19	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	1010 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	135 KB
7	doubleclick.net 1 redirects ad.doubleclick.net — Cisco Umbrella Rank: 189 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	52 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	123 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 629 simage2.pubmatic.com — Cisco Umbrella Rank: 611	1 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 299 ads.yahoo.com — Cisco Umbrella Rank: 1058	753 B
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 387	540 B
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 192 cendantchg.demdex.net — Cisco Umbrella Rank: 27400	3 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com — Cisco Umbrella Rank: 4006 sb.scorecardresearch.com — Cisco Umbrella Rank: 134	3 KB
3	quantserve.com 1 redirects edge.quantserve.com — Cisco Umbrella Rank: 14577 pixel.quantserve.com — Cisco Umbrella Rank: 443	11 KB
2	quantcount.com 1 redirects rules.quantcount.com — Cisco Umbrella Rank: 991	880 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 501	1008 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	17 KB
2	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	2 KB
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 483	458 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 545	200 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 457	338 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 336	765 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 1701	94 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 445	632 B
1	exponential.com tags.expo9.exponential.com — Cisco Umbrella Rank: 10857	14 KB
137	24

	Domain	Requested by
28	a.tribalfusion.com	4 redirects tags.expo9.exponential.com rubistar.4teachers.org a.tribalfusion.com
21	rubistar.4teachers.org	rubistar.4teachers.org
19	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net rubistar.4teachers.org
15	dt.adsafeprotected.com	rubistar.4teachers.org
13	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com rubistar.4teachers.org www.googletagservices.com
6	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
6	cdnx.tribalfusion.com	rubistar.4teachers.org a.tribalfusion.com cdnx.tribalfusion.com
5	www.googletagservices.com	a.tribalfusion.com www.googletagservices.com s0.2mdn.net rubistar.4teachers.org ad.doubleclick.net
4	googleads4.g.doubleclick.net	ad.doubleclick.net
3	us-u.openx.net	2 redirects a.tribalfusion.com
3	s.tribalfusion.com	3 redirects
3	static.adsafeprotected.com	pixel.adsafeprotected.com rubistar.4teachers.org
2	pixel.quantserve.com	1 redirects rubistar.4teachers.org
2	rules.quantcount.com	1 redirects rubistar.4teachers.org
2	sync.search.spotxchange.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	www.google-analytics.com	rubistar.4teachers.org
2	fw.adsafeprotected.com	1 redirects a.tribalfusion.com
2	ups.analytics.yahoo.com	2 redirects
2	dpm.demdex.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	ad.doubleclick.net	www.googletagservices.com
2	a4.tribalfusion.com	rubistar.4teachers.org
2	pixel.adsafeprotected.com	a.tribalfusion.com rubistar.4teachers.org
2	sb.scorecardresearch.com	1 redirects rubistar.4teachers.org
1	ads.yahoo.com	a.tribalfusion.com
1	tags.bluekai.com	1 redirects
1	simage2.pubmatic.com	1 redirects
1	cendantchg.demdex.net	ad.doubleclick.net
1	pixel.advertising.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	beacon.krxd.net	a.tribalfusion.com
1	pixel.rubiconproject.com	a.tribalfusion.com
1	public-prod-dspcookiematching.dmxleo.com	a.tribalfusion.com
1	aa.agkn.com	1 redirects
1	b.scorecardresearch.com	rubistar.4teachers.org
1	edge.quantserve.com	rubistar.4teachers.org
1	tags.expo9.exponential.com	rubistar.4teachers.org
137	38

This site contains links to these domains. Also see Links.

Domain
a.tribalfusion.com
www.4teachers.org
quizstar.4teachers.org
trackstar.4teachers.org
notestar.4teachers.org
profilerpro.com
4teachers.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-03` - `2022-08-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-18` - `2022-08-03`	2 months	crt.sh

This page contains 23 frames:

Primary Page: http://rubistar.4teachers.org/index.php
Frame ID: 847EB6B4F24DDAC4D6160CE92CEC97D0
Requests: 61 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315762271;dc_ver=90.264;dc_rxp=1;dc_eid=40004000;sz=728x90;u_sd=1;cid=0002910059;dc_adk=311390502;ord=i1erxr;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FabmXLt1UBfXaioRbvATbQ0TtQ2nUfrQrvm1EJN5qFl2av2oabBYbU7UWFTnPvJpV7spdMF3E372tEt4AfZcprnZdXsrWXsrY1sZbnnEfQ5Uv2VUJFUAvTQqQ1PcroPHUM1H7qWAjm4sn0YFFJUmit46FeRmJD4WQO0HMLmtIo5mvR4sMfVsYjVcf7PPZbvWdY3UFM03F2oWEYoTEQ9PqBZaQVfIPFmmRW38VGM32r6xodqO0qvwvQubn8IZcYWqM0BaMTcr60beLyBalM6734VUsLB64m6%2F;dc_rfl=0,http%3A%2F%2Frubistar.4teachers.org%2Findex.php$0;xdt=0;crlt=SwRuuBj3oO;stc=1;sttr=57;prcl=s
Frame ID: 316867CFB01F6E13E8217F4ADE52C49E
Requests: 8 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=acmTgbUcbePP3xWtUPWbnY5biqUaYtVEnlSaJZaSVZbCPbAwRWrcUVUP5UimoWeOXT6n2tMHSG7Zc26QZbodXrTdZb6YFQ8XbblXayoPbrZbTrvSVdJXmUBuQUFn1EYy5aUf4TfRoEJB1rJfUWBSnPMBnVYnpHvK5T373dmq3A7GnFbJ0GYWXGMYXVZbnnqvP3FY4VbfBVPY4RTfQScZbMStUN2WbuTbA3MCmnumZbunTqddn&mediaDataID=7665496&mediaName=frame.html
Frame ID: BD41F54F1371D504620BCD090440B0E9
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=admTgbXG7xpT7W5FUPVUFHUAj4QaY1PVrMSH3y1tbuVm3m2cU50UMZaU66n26UePArI2HUtXWUCptEu56BP5Gn7UGn7VVB7PPZbMWdv3TUFP3r2tWqnsWa36ST3FScQZdPFmvPWUbUVv54U2mnt6OXaPu3drZaSVbZa46JZbmdAyTdQc0bbbYUQj1EAMRFJDUF3QVWQXnbfnRFvN1EFy3TUlYEMRoQXcuBaZbr8M9OZaJYRc&mediaDataID=8039566&mediaName=frame.html
Frame ID: 0554671BF43A5B314E1DC51F48D6F6AC
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aemTgbXaitPbQFUUv4WdF4orfsPFbtXTMy3a3j4aMRmEFLYbB9WHZbWnPbKpsMwod7L3TUf5tay3P7ZanrbZbXsrQXGM01sFppTnQ5Uv2WbJZcWP72QEn2QsUoStJr1HvrVPjp4cr20UQDT6Pn5AYePmFB3W3yXHQAnt2u36YY5GjdVcn8WcJjRmnoUHFSUb7R3FEtVaUpTEFlSTBFQVQJWUavPCECs8TxN66AyaZbODF&mediaDataID=5436426&mediaName=frame.html
Frame ID: F53425F4A8DDF0F22DF67CD936B49F4E
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=afmTgbPP3uWd3VWbbY3bZanUqYqWTMbPTvFQcYLPravRWYlWGnU2FPqntuq0Emp2HjZbQVjE2m3FmtAsTWQ8XUrbXr7l1TZasPbBCWUMSWWnWmbQqPbjtXqrp3TJa4T75marI1b76WH7XmPUKmVrwoWQC2E385d6N5PvZaprMEXsfW1cnX0GbpnTZb43rFRVUjZaW6v1QT31SsBMStUrYtvpQAvp4paxv7ydqUiBNFyIHX&mediaDataID=6530936&mediaName=frame.html
Frame ID: AAFBEF31B5C0976592A9037444943CBB
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=agmVoApT7T5U3SVrMFVPQ3RE33PVBsPdjrYHnnV6vp2cvVXFYJVm2r5AB9RP7K2tFM0HYIpdIm3mYS5sj9TVUcVGFkS6MuWdZbRWrBP2FauWajnWTv6QqQKQVFBQrqrPWjiVVrW5UPtodAq0aen3HnZdQsrG5AUJoHXsUHZbdXbbiYUYfXaiMRrJGWUrSWdn1oFBqQrrt1EMs5a3j4q32nEbK1FUfWHMXoArans7wU8PGyBiexqiFZameDHB&mediaDataID=5578346&mediaName=frame.html
Frame ID: D4D869E908349B0C135764ECE2354318
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=ahmTgbPbQHWUYYVWM2nrfoRUByXqZbt5Eja2Tf1mT7IYbjgUWfRoAYZcmVjnmtrJ3aF93des3AjEpbMZcXGfSYVY31cBMmaBW5UZbSTFZbZcV6YTPTb4QVMrPWfwYtbuVPbN2GJU0FvKVmmw4An9QmfK2Hrq1WQDptZao5mBS3srgTVJ6UcJ7R6rMTHn3UUM43rAwWTrsWEnbSEZbFQVQCRruoUdMiUSAnOnQ5PCqEMsZcZdOs&mediaDataID=6807466&mediaName=frame.html
Frame ID: EE3DCA37E60E371A3215B255C00A3F45
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aimTgbWd3WWrb13bExUEYmTTrdQqnHRVfCRFmmRHMiWG324UqnodEmYaau4WvZdQcMZc46QZdmdZaNVHJ7XbfdYbFe1EZanSUnFWUJ2TtrWnUfxPFrsYaMN5E7h2aMRmaMFYF3fWWJQoArBnV3npWMJ3Trg2t6M3PfGnbbZc0Gn0YVF1XGFwmEZbV5Fn2VbnAWPMVPaM4PsrtSdYrYtvuT6bu1V3U0PejrE34NrZbSt3tNXj&mediaDataID=4056396&mediaName=frame.html
Frame ID: 65F06E4A3A14DF4C2AAC5082C09A6FB6
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=ajmTgb5U3VTFfFUPrXRTfXScvmSdZbu0tBuTPjw2s3UXFrAT6um2PMdQmnB4dUO0tJCntEw36U13cr6TcJaWV7fSmMNTWMRWrr55b6uVTUvVEJ6QaYLRsYZbRravRt77Wcj52UToodeOXaTu3tnZdQVZbH5mYEmtIyTHQ70bnkYbYkXaApSUMDWFrSVWJYmbZbvPrjnXTMs3EYa2a7RoTMD4UJfWCXsQqXbQ97Bm3Teb6&mediaDataID=6546596&mediaName=frame.html
Frame ID: C5F7EB56DE2E9E95E979C27CDE977627
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=akmTgbWUYYTtQ2nUYmPU7t1Enp3Eji5TYRoarBYrJfUWF1mPMLpGQrpWbC5qQ73Wuy5P7ZcprnG0VnPYcF50sbwmqBR2bMRTFvBUA3TQa3QQsZbrSdby0djtT6vp2GBXXbFDV6Xp2PQePmBB3HYO0HvLmdZan3mQY5cj6VcQjWVMlPPnwTWrWUrJP3F2sWanxVqQ6PEvZdQG3CRruvPH7dPsv52AFUQSF1uQeIy8CgNH&mediaDataID=6347136&mediaName=frame.html
Frame ID: F5D3CC7F7A1F5DD0EE9379A04161598D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A4864E2F4FC4274D7B1DDE752516127C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
Frame ID: 789A2AE4D91BDFD0E7782B8A82AD5FD4
Requests: 19 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: BBC6180F73C397B0BED208BB5A79FAA6
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: D5A90B526CC2B712AA16365AA86E1D92
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N477201.8427EXPONENTIALINCTRIBAL/B27006846.331061802;dc_ver=90.264;dc_rxp=1;sz=160x600;u_sd=1;dc_adk=843632054;ord=ifspdv;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FalmYxvWrb05bEtWq3sVqrcSTYZcQcZbARFItPHjkWsrT2FuroWisXaex2t3DPVbE46JLptAtUWBhYbQaYbfhXa6sRUUATFZb5VWvWobjxQbrqXTYy5EUh5Ev5oaFH1rF8UWB1n6bBmG3podMF5Evg5dmy46jGnFbZcYsrTYGF21VbMnTr23UFVWbjZcV6M5REvQQVZbtQWUO1HJrTmjx3VB1XFnDU6qn2AY8QPFE2HFyXWBApd2o5aTstDq9rRBIwQaxx6BvRHY3WmXNyQj2tQjCiVrgox%2F;dc_rfl=0,http%3A%2F%2Frubistar.4teachers.org%2Findex.php$0;xdt=0;crlt=SwRuuBj3oO;stc=1;sttr=5;prcl=s
Frame ID: 13B9718D959F47804F94C928C5DB35D1
Requests: 12 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aAmTKdTFfEUAv2QaM4SsYqSt3y0HJmW63p4GJ2XUQDT6Tv4AY8R6ZbF3HBqXd3AnHTm5mYQ3sveVsQdWcMhR6YvTHM4TrfS5bTtUqQvWqnlQEBKRc3LPUqsPHMiWcbR4rexotAs0qqp2tYEPV7Za46nZapdIOVHBhXrfa1UF90TqmPbBHTbZbPVWMWnbJqRUZbqYqZbr5Efg5qvPoaMI1rUfWH7MmmfBV9XrSCIAxHQ0Qt2xIZd&mediaDataID=9148826&mediaName=frame.html
Frame ID: D8E6600432CFFBFE3E30B92BF03A1921
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aBmTKdTtQ3orJnPrByXaZbr3TFl5TU4oaFI1F36UH7XmPQCnVrmmHYG2TBg5HiN56nEnbMZa0GMX1s320GvunabU2rM5WFbZaUAf1REYQPGrMQdUy1tjnVmny4s3UXbZbZcTAaw2Av7R67K2Hnq1HUAntav46Q03cMgTsJdUc78R6FOWdQQUbj23beuVarsTTnbQaJZaSGjZaQb6xPt7iUVb52Fy4mWqOOQQyM8EGtFftPoPnZbL&mediaDataID=2713736&mediaName=frame.html
Frame ID: 54F304CD3FFC2DD0630F2C75CECD3578
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aCmTKd5bEoUqrpVEMcPqMZaQVbBQUisStYiUcjV4FyxmtZayXayv4dUAPVvH2AQHoHPNTHJ90bMi1FBf0aqqRUUGTrvPWtY2orYqRUJNXaMy5EUh4TY2nEfH1rJfUtMUmm7BpVUpmHrJ3Tng2daN5PBZbmrrH0Vv0YsF2XG7nnavS5UnPVUvCVmUTQTM4ScrtQH3y1dFsWmMn4GBU0UZbDVmm546ZbetFEFMRisyT3xQSbZcYr&mediaDataID=6719746&mediaName=frame.html
Frame ID: B3E019433801B4A7A224E70B70E18578
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aDmTKdUAv4REM1QVBOQt3yYtBtVPvO4GvU0bFKTmmw4ArhPmfA4WMm1HZbLpWAo5AJ15cr8Vc3lUsbeRPFxUWYVTUFS2bZaoUqbsTTrlPqvFSGQKQUZamPWn9UVv54r6smWyO0a2w4dvZdQVJH563Hot6tUWBe0rvkYFYfXaiMRUJAWUv0VHv5mbbxQFjn1EMs5a3j4q32nEbK1FUfWHMXoArans7wU8PGyBiexqiFQdfXHk&mediaDataID=5207316&mediaName=frame.html
Frame ID: 5FF148A233D9C20A29E0B7955B481B1B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DBEC01576361492E6A8855B9D255143D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js
Frame ID: A870F9FBC645279C9A1CB6C7C96F19FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js
Frame ID: 2703B27557F0E7C7E124C230E7A1DD4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RubiStar Home

Page URL History Show full URLs

http://rubistar.4teachers.org/ Page URL
http://rubistar.4teachers.org/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

137
Requests

53 %
HTTPS

37 %
IPv6

24
Domains

38
Subdomains

25
IPs

2
Countries

1656 kB
Transfer

2920 kB
Size

33
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://a.tribalfusion.com/j.u?rnd=2000657446&redirect=https://vdx.tv/ad-choices-fromad/

Search URL Search Domain Scan URL

URL: http://www.4teachers.org/help/advertisements/
Title: Why ads?

Search URL Search Domain Scan URL

URL: http://www.4teachers.org/tools/

Search URL Search Domain Scan URL

URL: http://www.4teachers.org/

Search URL Search Domain Scan URL

URL: http://quizstar.4teachers.org/
Title: QuizStar

Search URL Search Domain Scan URL

URL: http://trackstar.4teachers.org/
Title: TrackStar

Search URL Search Domain Scan URL

URL: http://notestar.4teachers.org/
Title: NoteStar

Search URL Search Domain Scan URL

URL: http://profilerpro.com/
Title: Profiler Pro

Search URL Search Domain Scan URL

URL: http://4teachers.org/tools
Title: More Tools

Search URL Search Domain Scan URL

URL: http://4teachers.org/contactus.php?tools_id=rs
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://4teachers.org/termofuse.php
Title: | Terms of Use

Search URL Search Domain Scan URL

URL: http://a.tribalfusion.com/j.u?rnd=2000658727&redirect=https://vdx.tv/ad-choices-fromad/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rubistar.4teachers.org/ Page URL
http://rubistar.4teachers.org/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://sb.scorecardresearch.com/b?c1=2&c2=6035233&cs_it=b3&cv=3.8.0.210223&ns__t=1656433139461&ns_c=UTF-8&c7=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&c8=RubiStar%20Home&c9=http%3A%2F%2Frubistar.4teachers.org%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035233&cs_it=b3&cv=3.8.0.210223&ns__t=1656433139461&ns_c=UTF-8&c7=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&c8=RubiStar%20Home&c9=http%3A%2F%2Frubistar.4teachers.org%2F

Request Chain 43

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662296618092723 HTTP 302
https://a.tribalfusion.com/i.match?p=b23&u=213390604196007476689

Request Chain 45

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662296618092723&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662296618092723&C=1 HTTP 302
https://a.tribalfusion.com/i.match?p=b20&u=Yrsp9DJCMlu5FK0NcHkcBQAA

Request Chain 46

https://a.tribalfusion.com/i.match?p=b24&u=18072662296618092723&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b24&u=18072662296618092723&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662296618100798

Request Chain 47

https://a.tribalfusion.com/i.match?p=b10&u=18072662296618092723&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b10&u=18072662296618092723&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662296618107931&expires=180

Request Chain 50

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662296618092723&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662296618092723&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b13&u=39930292892171146602499573488221969328

Request Chain 51

https://a.tribalfusion.com/i.match?p=b22&u=18072662296618092723&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b22&u=18072662296618092723&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662296618107929

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662296618092723 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEHhzoSp2jZHM9DfShjzrBCk&google_cver=1&google_ula=2786954,0

Request Chain 53

https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=2577a364-f15a-4875-aa1b-a40846e3e1d0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662296618107931

Request Chain 54

https://pixel.advertising.com/ups/57628/sync?uid=18072662296618092723&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662296618092723&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662296618092723&_origin=1&redir=true&verify=true HTTP 302
https://a.tribalfusion.com/i.match?p=b17&u=y-5AEykKVE2ui0Q9VBOOqTev3erIPntEs-~A

Request Chain 64

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/911106/61851556/dcm/dcmads.js?adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&adsafe_type=abdq&adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2F&adsafe_type=f&adsafe_jsinfo=,id:11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7,c:gQM1vE,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-74d8c6bddc-nr6cv,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1217.112.1.1,am:s,cc:1137.112.160.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:ta4oEhw+1*.911106-61851556%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:04af0e41-f6fe-11ec-8e63-66e12a68a265,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js

Request Chain 77

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 93

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662296618092723%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662296618092723%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662296618092723&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b11&u=A753D9B1-EAE9-4BAC-8C74-93F2E63160BA

Request Chain 96

https://tags.bluekai.com/site/4229?id=18072662296618092723&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

Request Chain 99

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662296618092723&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662296618092723&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=050113e2-f6fe-11ec-aec4-19b3ac430503 HTTP 302
https://a.tribalfusion.com/i.match?p=b19&u=0501139f-f6fe-11ec-aec4-19b3ac430503

Request Chain 100

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1836185787&utmhn=rubistar.4teachers.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=RubiStar%20Home&utmhid=1844870238&utmr=0&utmp=%2Findex.php&utmht=1656433140720&utmac=UA-10627506-1&utmcc=__utma%3D55323060.54147971.1656433141.1656433141.1656433141.1%3B%2B__utmz%3D55323060.1656433141.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1568516469&utmredir=1&utmu=DBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1836185787&utmhn=rubistar.4teachers.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=RubiStar%20Home&utmhid=1844870238&utmr=0&utmp=%2Findex.php&utmht=1656433140720&utmac=UA-10627506-1&utmcc=__utma%3D55323060.54147971.1656433141.1656433141.1656433141.1%3B%2B__utmz%3D55323060.1656433141.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1568516469&utmredir=1&utmu=DBAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 101

http://rules.quantcount.com/rules-p-82Wca6j68XExo.js HTTP 301
https://rules.quantcount.com/rules-p-82Wca6j68XExo.js

Request Chain 115

http://pixel.quantserve.com/pixel;r=1202670874;rf=0;a=p-82Wca6j68XExo;url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php;ref=http%3A%2F%2Frubistar.4teachers.org%2F;uht=2;fpan=1;fpa=P0-1532156789-1656433141180;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=4teachers.org;je=0;sr=1600x1200x24;dst=0;et=1656433141180;tzo=0;ogl= HTTP 301
https://pixel.quantserve.com/pixel;r=1202670874;rf=0;a=p-82Wca6j68XExo;url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php;ref=http%3A%2F%2Frubistar.4teachers.org%2F;uht=2;fpan=1;fpa=P0-1532156789-1656433141180;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=4teachers.org;je=0;sr=1600x1200x24;dst=0;et=1656433141180;tzo=0;ogl=

137 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
rubistar.4teachers.org/ 103 B
437 B 309ms
131ms Document
text/html 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://rubistar.4teachers.org/
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 296d2cf190673cacdb8ce73ffacc75fdc3a6a9752ada36ed7c1ab75184546f6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 107
Content-Type: text/html
Date: Tue, 28 Jun 2022 16:21:48 GMT
ETag: "67-4fdc4ab7791c0"
Keep-Alive: timeout=2, max=80
Last-Modified: Wed, 09 Jul 2014 15:50:39 GMT
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding

GET
H/1.1 200
OK Primary Request index.php Show response
rubistar.4teachers.org/ 28 KB
8 KB 171ms
171ms Document
text/html 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) / PHP/5.3.3-7+squeeze19
Resource Hash: 25a928730444a77d63cadb975a27ce1e48783255b12c0c8578e0bcb84f7c0eb7

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 7551
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:21:48 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive: timeout=2, max=79
Last-Modified: Tue, 28 Jun 2022 16:21:48 GMT
Pragma: no-cache
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3-7+squeeze19

GET
H/1.1 200
OK rubistarCss.css
rubistar.4teachers.org/css/ 6 KB
2 KB 214ms
105ms Stylesheet
text/css 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://rubistar.4teachers.org/css/rubistarCss.css
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: f5369863a5981c1d3d1c6f6a9221df33c8578015c82b92ea684ecdf96b26dbb0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Jul 2014 15:50:39 GMT
Server: Apache/2.2.16 (Debian)
ETag: "18be-4fdc4ab7791c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=78
Content-Length: 1791

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/4Teachersorg/ROS/ 59 KB
14 KB 256ms
167ms Script
application/x-javascript 2606:4700:4400::6812:23ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.expo9.exponential.com/tags/4Teachersorg/ROS/tags.js
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::6812:23ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff6d28eebe8b2c0d36c5d244646eaa0489702f4b7de7038f6f0c291b8d3e90b0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:18:59 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 14110
X-Function: 151
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 2
ETag: 9320630080657289140
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600, private
CF-RAY: 7227bdcfb87bca4b-YUL
Expires: Tue, 28 Jun 2022 17:18:59 GMT

GET
H/1.1 200
OK rubistar_logo.gif
rubistar.4teachers.org/skins/default/skinpix/ 3 KB
4 KB 202ms
104ms Image
image/gif 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/skinpix/rubistar_logo.gif
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 6e31b823882096d98e618074051b8939a58b0330544d420bfabd2b9cdaee6eef

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "d7a-4fdc4ab684f80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=80
Content-Length: 3450

GET
H/1.1 200
OK 4teachers_jump.gif
rubistar.4teachers.org/skins/default/skinpix/ 1 KB
1 KB 216ms
105ms Image
image/gif 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/skinpix/4teachers_jump.gif
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 7ad2a7e39dd3e55766cebce07a3aa6bd6c8ec1efaf8575219f460f30a9a2dae7

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "4dd-4fdc4ab684f80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=80
Content-Length: 1245

GET
H/1.1 200
OK lineMid1.gif
rubistar.4teachers.org/skins/default/images/ 98 B
380 B 214ms
102ms Image
image/gif 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/lineMid1.gif
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 5c01f25a62a6d39f4a0a1d879aa4dff56bb2b0e2a153d025a2ad6e12699d562c

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "62-4fdc4ab684f80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=80
Content-Length: 98

GET
H/1.1 200
OK bottonTopic01.gif
rubistar.4teachers.org/skins/default/images/ 2 KB
3 KB 123ms
103ms Image
image/gif 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/bottonTopic01.gif
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 36a0fb9cb2ef3fa04f18fc6d62a71bee1b74779a0fcb95f766194b9b783162cd

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "8e6-4fdc4ab684f80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=80
Content-Length: 2278

GET
H/1.1 200
OK bottonTopic02.gif
rubistar.4teachers.org/skins/default/images/ 2 KB
3 KB 200ms
96ms Image
image/gif 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/bottonTopic02.gif
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 3235ea90e5c9bb6ebe0861f4832fdce864470c077d292a3779fb5f4281e14dc2

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "8f5-4fdc4ab684f80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=80
Content-Length: 2293

GET
H/1.1 200
OK bottonTopic03.jpg
rubistar.4teachers.org/skins/default/images/ 2 KB
2 KB 96ms
96ms Image
image/jpeg 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/bottonTopic03.jpg
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 987b47cd3f7df93fbf1ba840164ef4862058483f327b5a8ad85019a605f36e5e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "620-4fdc4ab684f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=77
Content-Length: 1568

GET
H/1.1 200
OK bottonTopic04.jpg
rubistar.4teachers.org/skins/default/images/ 2 KB
2 KB 96ms
96ms Image
image/jpeg 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/bottonTopic04.jpg
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: e8a99d2994296d8eb001172f0e70357c57657187ee695e17e53466c1068f0c81

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "6c0-4fdc4ab684f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=79
Content-Length: 1728

GET
H/1.1 200
OK bottonTopic05.jpg
rubistar.4teachers.org/skins/default/images/ 2 KB
2 KB 95ms
94ms Image
image/jpeg 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/bottonTopic05.jpg
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: f0c9fc0fa3a18dcc21472927308cf0458a2bda87225597c638e274812f603aa5

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "73c-4fdc4ab684f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=79
Content-Length: 1852

GET
H/1.1 200
OK bottonTopic06.jpg
rubistar.4teachers.org/skins/default/images/ 2 KB
2 KB 95ms
94ms Image
image/jpeg 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/bottonTopic06.jpg
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: eca9bd350a051713e84ae6980728645b4bcfcf3642b97f2ebfdeb812e3825c71

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "6c8-4fdc4ab684f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=79
Content-Length: 1736

GET
H/1.1 200
OK bottonTopic07.jpg
rubistar.4teachers.org/skins/default/images/ 1 KB
2 KB 95ms
94ms Image
image/jpeg 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/bottonTopic07.jpg
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: a733b5e4dc01daa2cf4a331697f8aef675050ac5d1a47d7a1262aeeb771b4353

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "59e-4fdc4ab684f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=79
Content-Length: 1438

GET
H/1.1 200
OK bottonTopic08.jpg
rubistar.4teachers.org/skins/default/images/ 2 KB
2 KB 88ms
88ms Image
image/jpeg 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/bottonTopic08.jpg
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 9f8f1043d061d6571219b6023036184d80fc72f241c35ea1523d9414a922c5d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "798-4fdc4ab684f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=79
Content-Length: 1944

GET
H/1.1 200
OK bottonTopic09.jpg
rubistar.4teachers.org/skins/default/images/ 2 KB
2 KB 88ms
88ms Image
image/jpeg 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/bottonTopic09.jpg
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: c61c733e0d00a507e15ec0854627028d4693565f5f391fe3f314e66462b2d4e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "6c5-4fdc4ab684f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=76
Content-Length: 1733

GET
H/1.1 200
OK bottonTopic10.jpg
rubistar.4teachers.org/skins/default/images/ 2 KB
2 KB 88ms
87ms Image
image/jpeg 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/bottonTopic10.jpg
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 74d9c930572cb278dad205dbdbd88b0f6e1bdec828a754ba1dec31a1380fadef

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "650-4fdc4ab684f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=78
Content-Length: 1616

GET
H/1.1 200
OK topSpacer.gif
rubistar.4teachers.org/skins/default/images/ 47 B
329 B 87ms
87ms Image
image/gif 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/images/topSpacer.gif
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 414065eb8bccfeced9386a863dba180b1ab3153b18395b3bd4e855e0ee860f4e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "2f-4fdc4ab684f80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=78
Content-Length: 47

GET
H/1.1 200
OK 4teachersLogo.gif
rubistar.4teachers.org/skins/default/skinpix/ 1 KB
1 KB 88ms
87ms Image
image/gif 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/skins/default/skinpix/4teachersLogo.gif
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: aa7fd2448bda49ee08abfc0e2054f1fc902a5a3c29d222dd22c1c4fbad699080

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "452-4fdc4ab684f80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=78
Content-Length: 1106

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 24 KB
10 KB 208ms
85ms Script
application/javascript 2620:116:800b:21:f059:4f7e:28a9:1588
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:18:59 GMT
Content-Encoding: gzip
Etag: "u2JtyZzqnTXwzBUswy2r+w=="
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 05 Jul 2022 16:18:59 GMT

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 4 KB
2 KB 243ms
112ms Script
application/javascript 65.9.149.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 65.9.149.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-149-112.qro51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 28 Jun 2022 11:49:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 09 Jun 2022 14:24:43 GMT
Server: AmazonS3
Age: 29923
ETag: W/"eaf85c1c6758e84acfe134efd70e9373"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9c2519e54cd2c0044575fd7e89d9bcba.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: QRO51-C1
X-Amz-Cf-Id: hdAEsM44zz5Ax4IImanGPYifNuDhUxjuI_StTqsf5Y6fjA0Xx88NDQ==

GET
H/1.1 200
OK displayAd.js Show response
a.tribalfusion.com/ 677 B
1 KB 278ms
212ms Script
application/x-javascript 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/displayAd.js?dver=0.9&th=8230918794
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/4Teachersorg/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cfe6452430add6815972417b5a0b540bfcf40ea9e12ae88831a54a555f9a751

Request headers

Referer: http://rubistar.4teachers.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 28 Jun 2022 16:18:59 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 330
X-Function: 153
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 1
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private
CF-RAY: 7227bdd11c7a7138-YUL
Expires: Mon, 26 Sep 2022 16:18:59 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035233&cs_it=b3&cv=3.8.0.210223&ns__t=1656433139461&ns_c=UTF-8&c7=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&c8=RubiStar%20Home&c9=http%3A%2F%2Frubi...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035233&cs_it=b3&cv=3.8.0.210223&ns__t=1656433139461&ns_c=UTF-8&c7=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&c8=RubiStar%20Home&c9=http%3A%2F%2Frub...

0
190 B

135ms
134ms

Image
text/plain

65.9.149.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035233&cs_it=b3&cv=3.8.0.210223&ns__t=1656433139461&ns_c=UTF-8&c7=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&c8=RubiStar%20Home&c9=http%3A%2F%2Frubistar.4teachers.org%2F
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Server: 65.9.149.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-149-113.qro51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:18:59 GMT
via: 1.1 c56bd62457decc316a2ccba21359cec4.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: WH3useHdwk3hIUq_75XQn8VXxUP-MhuJ6KTLOCtS-HQ7vr5slkwW9g==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=6035233&cs_it=b3&cv=3.8.0.210223&ns__t=1656433139461&ns_c=UTF-8&c7=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&c8=RubiStar%20Home&c9=http%3A%2F%2Frubistar.4teachers.org%2F
date: Tue, 28 Jun 2022 16:18:59 GMT
via: 1.1 c56bd62457decc316a2ccba21359cec4.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
content-length: 0
x-amz-cf-id: ge3sgHux-mYqQTRZxIZNK3V9NuM6JJH4BhCKkSBCkv3EN3bZIig6DQ==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ 9 KB
5 KB 133ms
133ms Script
application/x-javascript 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=728x90&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=1&adContainerId=richmedia_2&rnd=13063873
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/4Teachersorg/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116ab965ebe00608e0a0d81b14bb97e89e25d4e3949b0825438a722865263484

Request headers

Referer: http://rubistar.4teachers.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 28 Jun 2022 16:18:59 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3817
Pragma: no-cache
X-Function: 101
Server: cloudflare
X-Reuse-Index: 2
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, proxy-revalidate
CF-RAY: 7227bdd26e877138-YUL
Expires: 0

GET
H/1.1 200
OK tf_adChoice11.js Show response
cdnx.tribalfusion.com/media/common/adChoice/ 4 KB
2 KB 103ms
57ms Script
application/x-javascript 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:18:59 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 3713
Transfer-Encoding: chunked
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Function: 301
Last-Modified: Mon, 22 Mar 2021 08:13:56 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
CF-RAY: 7227bdd37908ecea-YUL
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 23 KB
9 KB 141ms
36ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=728x90&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=1&adContainerId=richmedia_2&rnd=13063873

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ce23e400795f2042907e26c6420149ab2ea1c1f5dc6103632f6a2f626afd8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rubistar.4teachers.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 28 Jun 2022 16:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8757
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 13:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 28 Jun 2022 17:18:14 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ 47 KB
12 KB 155ms
46ms Script
application/javascript 3.223.70.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=8947&advId=762733&campId=14376432&pubId=89230&chanId=10655685&placementId=728x90
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=728x90&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=1&adContainerId=richmedia_2&rnd=13063873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.70.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-70-168.compute-1.amazonaws.com
Software: /
Resource Hash: 90068f541d975608ff7c36ee8fd9c8819e94fb703be030e0ba7e7a53a9b2023d

Request headers

Referer: http://rubistar.4teachers.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:18:59 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 ipg
a4.tribalfusion.com/ 43 B
383 B 203ms
107ms Image
image/gif 172.64.155.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4.tribalfusion.com/ipg?ip6=2607:5300:60:7867::2&kv=%7B%22ord%22%3A%202000657446%2C%20%22clientID%22%3A%20762733%7D
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:18:59 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd3c87ba1f6-YYZ
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 impl_v90.js Show response
www.googletagservices.com/dcm/ 54 KB
21 KB 33ms
32ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v90.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rubistar.4teachers.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 27 Jun 2022 13:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 13:12:55 GMT

GET
H2 200 B26160057.315762271;dc_ver=90.264;dc_rxp=1;dc_eid=40004000;sz=728x90;u_sd=1;cid=0002910059;dc_adk=311390502;ord=i1erxr;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FabmXLt1UBfXaioRbvATbQ0TtQ2nU... Show response
ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/ Frame 3168 56 KB
27 KB 140ms
72ms Document
text/html 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315762271;dc_ver=90.264;dc_rxp=1;dc_eid=40004000;sz=728x90;u_sd=1;cid=0002910059;dc_adk=311390502;ord=i1erxr;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FabmXLt1UBfXaioRbvATbQ0TtQ2nUfrQrvm1EJN5qFl2av2oabBYbU7UWFTnPvJpV7spdMF3E372tEt4AfZcprnZdXsrWXsrY1sZbnnEfQ5Uv2VUJFUAvTQqQ1PcroPHUM1H7qWAjm4sn0YFFJUmit46FeRmJD4WQO0HMLmtIo5mvR4sMfVsYjVcf7PPZbvWdY3UFM03F2oWEYoTEQ9PqBZaQVfIPFmmRW38VGM32r6xodqO0qvwvQubn8IZcYWqM0BaMTcr60beLyBalM6734VUsLB64m6%2F;dc_rfl=0,http%3A%2F%2Frubistar.4teachers.org%2Findex.php$0;xdt=0;crlt=SwRuuBj3oO;stc=1;sttr=57;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

7efe4a12aa898eac3befac6f8759bf67d1bdf408278bc530af60d6ff8a678edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 26622
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 16:18:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.gr.19.8.319.js Show response
static.adsafeprotected.com/ 192 KB
61 KB 261ms
82ms Script
application/javascript 2600:9000:20d1:8a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.319.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=8947&advId=762733&campId=14376432&pubId=89230&chanId=10655685&placementId=728x90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d1:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:42:11 GMT
content-encoding: gzip
age: 1298210
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 09 Jun 2022 18:01:50 GMT
server: AmazonS3
etag: W/"a1d669bc0776f421280ad4154b1ce523"
vary: Accept-Encoding
x-amz-version-id: mNA7gJwBAdrYqRYSnebG4JRwK6iKHdgs
via: 1.1 9c2519e54cd2c0044575fd7e89d9bcba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: QRO51-C1
content-type: application/javascript
x-amz-cf-id: CpR3EHEtRQXtK1_fLEOlZydT1Dl-OVb4TjU7Y1nyei8o2d8OtP7jtA==

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame BD41 201 B
1010 B 98ms
98ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=acmTgbUcbePP3xWtUPWbnY5biqUaYtVEnlSaJZaSVZbCPbAwRWrcUVUP5UimoWeOXT6n2tMHSG7Zc26QZbodXrTdZb6YFQ8XbblXayoPbrZbTrvSVdJXmUBuQUFn1EYy5aUf4TfRoEJB1rJfUWBSnPMBnVYnpHvK5T373dmq3A7GnFbJ0GYWXGMYXVZbnnqvP3FY4VbfBVPY4RTfQScZbMStUN2WbuTbA3MCmnumZbunTqddn&mediaDataID=7665496&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d98df293637e4f1de6293c903fb21125ad9373764e36d8335c980b62f97da8c0

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd46a547138-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:18:59 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 0554 309 B
1 KB 126ms
111ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=admTgbXG7xpT7W5FUPVUFHUAj4QaY1PVrMSH3y1tbuVm3m2cU50UMZaU66n26UePArI2HUtXWUCptEu56BP5Gn7UGn7VVB7PPZbMWdv3TUFP3r2tWqnsWa36ST3FScQZdPFmvPWUbUVv54U2mnt6OXaPu3drZaSVbZa46JZbmdAyTdQc0bbbYUQj1EAMRFJDUF3QVWQXnbfnRFvN1EFy3TUlYEMRoQXcuBaZbr8M9OZaJYRc&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c0b4d8190f5741451a1452b5409048f607b151bce97a731bd965de3bf6a8613

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd48a20713c-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame F534 324 B
1 KB 129ms
114ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aemTgbXaitPbQFUUv4WdF4orfsPFbtXTMy3a3j4aMRmEFLYbB9WHZbWnPbKpsMwod7L3TUf5tay3P7ZanrbZbXsrQXGM01sFppTnQ5Uv2WbJZcWP72QEn2QsUoStJr1HvrVPjp4cr20UQDT6Pn5AYePmFB3W3yXHQAnt2u36YY5GjdVcn8WcJjRmnoUHFSUb7R3FEtVaUpTEFlSTBFQVQJWUavPCECs8TxN66AyaZbODF&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def299ab070392cdfed2e0720ccdbd8fcc27c70393e34e92ef397db9066d284a

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd48e957154-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame AAFB 275 B
1 KB 121ms
106ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=afmTgbPP3uWd3VWbbY3bZanUqYqWTMbPTvFQcYLPravRWYlWGnU2FPqntuq0Emp2HjZbQVjE2m3FmtAsTWQ8XUrbXr7l1TZasPbBCWUMSWWnWmbQqPbjtXqrp3TJa4T75marI1b76WH7XmPUKmVrwoWQC2E385d6N5PvZaprMEXsfW1cnX0GbpnTZb43rFRVUjZaW6v1QT31SsBMStUrYtvpQAvp4paxv7ydqUiBNFyIHX&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174f70d780e693eb01583c16ec1e7011945c8bf17a2983ca05e88cf0d99af1c2

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd48b474bcb-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:18:59 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame D4D8 264 B
1 KB 139ms
124ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=agmVoApT7T5U3SVrMFVPQ3RE33PVBsPdjrYHnnV6vp2cvVXFYJVm2r5AB9RP7K2tFM0HYIpdIm3mYS5sj9TVUcVGFkS6MuWdZbRWrBP2FauWajnWTv6QqQKQVFBQrqrPWjiVVrW5UPtodAq0aen3HnZdQsrG5AUJoHXsUHZbdXbbiYUYfXaiMRrJGWUrSWdn1oFBqQrrt1EMs5a3j4q32nEbK1FUfWHMXoArans7wU8PGyBiexqiFZameDHB&mediaDataID=5578346&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ad14ba6a9d78ed9415bcb6c72419851b02688f4f2d206518124dc19e3a531e1

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd48ef04bbf-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame EE3D 302 B
1 KB 159ms
143ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=ahmTgbPbQHWUYYVWM2nrfoRUByXqZbt5Eja2Tf1mT7IYbjgUWfRoAYZcmVjnmtrJ3aF93des3AjEpbMZcXGfSYVY31cBMmaBW5UZbSTFZbZcV6YTPTb4QVMrPWfwYtbuVPbN2GJU0FvKVmmw4An9QmfK2Hrq1WQDptZao5mBS3srgTVJ6UcJ7R6rMTHn3UUM43rAwWTrsWEnbSEZbFQVQCRruoUdMiUSAnOnQ5PCqEMsZcZdOs&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b60052c6c4f6515e5d0826cd4d6188d7be4b9c970135a172fee27da9475b2fa

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd489f94bd6-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 20
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 65F0 242 B
1 KB 178ms
88ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aimTgbWd3WWrb13bExUEYmTTrdQqnHRVfCRFmmRHMiWG324UqnodEmYaau4WvZdQcMZc46QZdmdZaNVHJ7XbfdYbFe1EZanSUnFWUJ2TtrWnUfxPFrsYaMN5E7h2aMRmaMFYF3fWWJQoArBnV3npWMJ3Trg2t6M3PfGnbbZc0Gn0YVF1XGFwmEZbV5Fn2VbnAWPMVPaM4PsrtSdYrYtvuT6bu1V3U0PejrE34NrZbSt3tNXj&mediaDataID=4056396&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37642281339cd406804496e689bdd9648308fc3917f7eaaf259388f410e27ab5

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd50b267138-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame C5F7 381 B
1 KB 210ms
89ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=ajmTgb5U3VTFfFUPrXRTfXScvmSdZbu0tBuTPjw2s3UXFrAT6um2PMdQmnB4dUO0tJCntEw36U13cr6TcJaWV7fSmMNTWMRWrr55b6uVTUvVEJ6QaYLRsYZbRravRt77Wcj52UToodeOXaTu3tnZdQVZbH5mYEmtIyTHQ70bnkYbYkXaApSUMDWFrSVWJYmbZbvPrjnXTMs3EYa2a7RoTMD4UJfWCXsQqXbQ97Bm3Teb6&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa734147f34611707bd1154cd0b7d1dcaf97cb0ad82cadba9128998446b7d4e4

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd53c604bcb-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 12
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame F5D3 213 B
1021 B 209ms
90ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=akmTgbWUYYTtQ2nUYmPU7t1Enp3Eji5TYRoarBYrJfUWF1mPMLpGQrpWbC5qQ73Wuy5P7ZcprnG0VnPYcF50sbwmqBR2bMRTFvBUA3TQa3QQsZbrSdby0djtT6vp2GBXXbFDV6Xp2PQePmBB3HYO0HvLmdZan3mQY5cj6VcQjWVMlPPnwTWrWUrJP3F2sWanxVqQ6PEvZdQG3CRruvPH7dPsv52AFUQSF1uQeIy8CgNH&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f22a7afbef91c1d1b56a5f680e8949f58cd65c62e0fd84f005ca65b393cb6b3c

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd53b30713c-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK tab_screenshot.gif
rubistar.4teachers.org/images/ 17 KB
17 KB 53ms
52ms Image
image/gif 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/images/tab_screenshot.gif
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 8d2aa64cf5d8cf0c450e7585fa917cc1f1bfcff08742318eb69ebd3635024c3c

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:39 GMT
Server: Apache/2.2.16 (Debian)
ETag: "42cd-4fdc4ab7791c0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=77
Content-Length: 17101

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ 5 KB
3 KB 294ms
171ms Script
application/x-javascript 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=160x600&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=3&adContainerId=richmedia_4&rnd=13060106
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/4Teachersorg/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 988e00b9ff040d59d506bc1c5cdad477c9e95883413428e7e38866678350d3ba

Request headers

Referer: http://rubistar.4teachers.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 28 Jun 2022 16:19:00 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2326
Pragma: no-cache
X-Function: 101
Server: cloudflare
X-Reuse-Index: 8
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, proxy-revalidate
CF-RAY: 7227bdd53f997154-YUL
Expires: 0

GET
H/1.1 200
OK tab_bkg_drk.gif
rubistar.4teachers.org/images/ 155 B
438 B 52ms
51ms Image
image/gif 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/images/tab_bkg_drk.gif
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/css/rubistarCss.css
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 157add5d21d145ab9e00a466ef1a1bfd29e61bb495615820d7b213b9603c2dbf

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/css/rubistarCss.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:39 GMT
Server: Apache/2.2.16 (Debian)
ETag: "9b-4fdc4ab7791c0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=77
Content-Length: 155

GET
H/1.1 200
OK tap_bkg_content.jpg
rubistar.4teachers.org/images/ 2 KB
2 KB 52ms
52ms Image
image/jpeg 166.78.24.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rubistar.4teachers.org/images/tap_bkg_content.jpg
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/css/rubistarCss.css
Protocol: HTTP/1.1
Server: 166.78.24.46 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.2.16 (Debian) /
Resource Hash: 320a6c4cc24d7dbb1049f1c9f37956f7f5e465c7055ecf48c5d785702b5e5d9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/css/rubistarCss.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:21:49 GMT
Last-Modified: Wed, 09 Jul 2014 15:50:39 GMT
Server: Apache/2.2.16 (Debian)
ETag: "7c4-4fdc4ab7791c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=77
Content-Length: 1988

GET
H3

200

i.match
a.tribalfusion.com/ Frame BD41
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662296618092723
https://a.tribalfusion.com/i.match?p=b23&u=213390604196007476689

43 B
648 B

99ms
99ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b23&u=213390604196007476689
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=acmTgbUcbePP3xWtUPWbnY5biqUaYtVEnlSaJZaSVZbCPbAwRWrcUVUP5UimoWeOXT6n2tMHSG7Zc26QZbodXrTdZb6YFQ8XbblXayoPbrZbTrvSVdJXmUBuQUFn1EYy5aUf4TfRoEJB1rJfUWBSnPMBnVYnpHvK5T373dmq3A7GnFbJ0GYWXGMYXVZbnnqvP3FY4VbfBVPY4RTfQScZbMStUN2WbuTbA3MCmnumZbunTqddn&mediaDataID=7665496&mediaName=frame.html
Protocol: H3
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd7683f4bcb-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
via: 1.1 0bf7e26c89098feda05fbbd1b5bfc970.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: QRO51-C1
location: https://a.tribalfusion.com/i.match?p=b23&u=213390604196007476689
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: LCsG6USysUjdGw4CXUVff9UD-as-7zoccTywLYw9Ku1cv2KJNnQYJA==
expires: 0

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220623/r20110914/elements/html/ Frame 3168 8 KB
4 KB 74ms
20ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220623/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N5877.2106305EXPONENTIAL/B26160057.315762271;dc_ver=90.264;dc_rxp=1;dc_eid=40004000;sz=728x90;u_sd=1;cid=0002910059;dc_adk=311390502;ord=i1erxr;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FabmXLt1UBfXaioRbvATbQ0TtQ2nUfrQrvm1EJN5qFl2av2oabBYbU7UWFTnPvJpV7spdMF3E372tEt4AfZcprnZdXsrWXsrY1sZbnnEfQ5Uv2VUJFUAvTQqQ1PcroPHUM1H7qWAjm4sn0YFFJUmit46FeRmJD4WQO0HMLmtIo5mvR4sMfVsYjVcf7PPZbvWdY3UFM03F2oWEYoTEQ9PqBZaQVfIPFmmRW38VGM32r6xodqO0qvwvQubn8IZcYWqM0BaMTcr60beLyBalM6734VUsLB64m6%2F;dc_rfl=0,http%3A%2F%2Frubistar.4teachers.org%2Findex.php$0;xdt=0;crlt=SwRuuBj3oO;stc=1;sttr=57;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 16:11:47 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame AAFB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662296618092723&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662296618092723&C=1
https://a.tribalfusion.com/i.match?p=b20&u=Yrsp9DJCMlu5FK0NcHkcBQAA

43 B
642 B

92ms
92ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b20&u=Yrsp9DJCMlu5FK0NcHkcBQAA
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=afmTgbPP3uWd3VWbbY3bZanUqYqWTMbPTvFQcYLPravRWYlWGnU2FPqntuq0Emp2HjZbQVjE2m3FmtAsTWQ8XUrbXr7l1TZasPbBCWUMSWWnWmbQqPbjtXqrp3TJa4T75marI1b76WH7XmPUKmVrwoWQC2E385d6N5PvZaprMEXsfW1cnX0GbpnTZb43rFRVUjZaW6v1QT31SsBMStUrYtvpQAvp4paxv7ydqUiBNFyIHX&mediaDataID=6530936&mediaName=frame.html
Protocol: H3
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd70faf4bcb-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzTjHu8OutQcMOdnF2qrqqZiV1kb%2B3kVBr9%2BH%2FaBwm%2FSjLwCnmElXvDOCd%2FrwwV0Xcqmyf%2Fe0tTUNRtfYL8uboOy9F4KtFcOQesY7csAxT7OaGnJd8%2FB5%2BpwQN7ioV709jcea01oo9jM2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://a.tribalfusion.com/i.match?p=b20&u=Yrsp9DJCMlu5FK0NcHkcBQAA
cache-control: no-cache
cf-ray: 7227bdd6683fa1ea-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 0554
Redirect Chain

https://a.tribalfusion.com/i.match?p=b24&u=18072662296618092723&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://s.tribalfusion.com/z/i.match?p=b24&u=18072662296618092723&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662296618100798

0
94 B

81ms
40ms

Image
text/plain

35.190.126.92
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662296618100798
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=admTgbXG7xpT7W5FUPVUFHUAj4QaY1PVrMSH3y1tbuVm3m2cU50UMZaU66n26UePArI2HUtXWUCptEu56BP5Gn7UGn7VVB7PPZbMWdv3TUFP3r2tWqnsWa36ST3FScQZdPFmvPWUbUVv54U2mnt6OXaPu3drZaSVbZa46JZbmdAyTdQc0bbbYUQj1EAMRFJDUF3QVWQXnbfnRFvN1EFy3TUlYEMRoQXcuBaZbr8M9OZaJYRc&mediaDataID=8039566&mediaName=frame.html
Protocol: H2
Server: 35.190.126.92 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.126.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:19:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 958
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd65f7becf6-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662296618100798
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F534
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u=18072662296618092723&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://s.tribalfusion.com/z/i.match?p=b10&u=18072662296618092723&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662296618107931&expires=180

42 B
765 B

198ms
25ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662296618107931&expires=180
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aemTgbXaitPbQFUUv4WdF4orfsPFbtXTMy3a3j4aMRmEFLYbB9WHZbWnPbKpsMwod7L3TUf5tay3P7ZanrbZbXsrQXGM01sFppTnQ5Uv2WbJZcWP72QEn2QsUoStJr1HvrVPjp4cr20UQDT6Pn5AYePmFB3W3yXHQAnt2u36YY5GjdVcn8WcJjRmnoUHFSUb7R3FEtVaUpTEFlSTBFQVQJWUavPCECs8TxN66AyaZbODF&mediaDataID=5436426&mediaName=frame.html
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: f72efbd84733ea5ba734e4e8fe0395a3
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 162
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd65f7aecf6-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662296618107931&expires=180
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3168 170 KB
59 KB 88ms
19ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 04:54:20 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3168 41 KB
15 KB 77ms
21ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 18:13:36 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame D4D8
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662296618092723&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662296618092723&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://a.tribalfusion.com/i.match?p=b13&u=39930292892171146602499573488221969328

43 B
698 B

89ms
88ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b13&u=39930292892171146602499573488221969328
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=agmVoApT7T5U3SVrMFVPQ3RE33PVBsPdjrYHnnV6vp2cvVXFYJVm2r5AB9RP7K2tFM0HYIpdIm3mYS5sj9TVUcVGFkS6MuWdZbRWrBP2FauWajnWTv6QqQKQVFBQrqrPWjiVVrW5UPtodAq0aen3HnZdQsrG5AUJoHXsUHZbdXbbiYUYfXaiMRrJGWUrSWdn1oFBqQrrt1EMs5a3j4q32nEbK1FUfWHMXoArans7wU8PGyBiexqiFZameDHB&mediaDataID=5578346&mediaName=frame.html
Protocol: H3
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd87a264bcb-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-usw2-2-v032-0f5fce75e.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 1x0hrqN4Qkc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://a.tribalfusion.com/i.match?p=b13&u=39930292892171146602499573488221969328
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame EE3D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b22&u=18072662296618092723&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://s.tribalfusion.com/z/i.match?p=b22&u=18072662296618092723&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662296618107929

0
338 B

81ms
29ms

Image
text/plain

18.210.147.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662296618107929
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=ahmTgbPbQHWUYYVWM2nrfoRUByXqZbt5Eja2Tf1mT7IYbjgUWfRoAYZcmVjnmtrJ3aF93des3AjEpbMZcXGfSYVY31cBMmaBW5UZbSTFZbZcV6YTPTb4QVMrPWfwYtbuVPbN2GJU0FvKVmmw4An9QmfK2Hrq1WQDptZao5mBS3srgTVJ6UcJ7R6rMTHn3UUM43rAwWTrsWEnbSEZbFQVQCRruoUdMiUSAnOnQ5PCqEMsZcZdOs&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Server: 18.210.147.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-147-45.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:19:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=72 t=1656433133
x-served-by: beacon-n023-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 546
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd65f78ecf6-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662296618107929
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 65F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662296618092723
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEHhzoSp2jZHM9DfShjzrBCk&google_cver=1&google_ula=2786954,0

43 B
660 B

104ms
86ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEHhzoSp2jZHM9DfShjzrBCk&google_cver=1&google_ula=2786954,0
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aimTgbWd3WWrb13bExUEYmTTrdQqnHRVfCRFmmRHMiWG324UqnodEmYaau4WvZdQcMZc46QZdmdZaNVHJ7XbfdYbFe1EZanSUnFWUJ2TtrWnUfxPFrsYaMN5E7h2aMRmaMFYF3fWWJQoArBnV3npWMJ3Trg2t6M3PfGnbbZc0Gn0YVF1XGFwmEZbV5Fn2VbnAWPMVPaM4PsrtSdYrYtvuT6bu1V3U0PejrE34NrZbSt3tNXj&mediaDataID=4056396&mediaName=frame.html
Protocol: H3
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd66e694bcb-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEHhzoSp2jZHM9DfShjzrBCk&google_cver=1&google_ula=2786954,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame C5F7
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252...
https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=2577a364-f15a-4875-aa1b-a40846e3e1d0
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662296618107931

43 B
61 B

54ms
53ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662296618107931
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=ajmTgb5U3VTFfFUPrXRTfXScvmSdZbu0tBuTPjw2s3UXFrAT6um2PMdQmnB4dUO0tJCntEw36U13cr6TcJaWV7fSmMNTWMRWrr55b6uVTUvVEJ6QaYLRsYZbRravRt77Wcj52UToodeOXaTu3tnZdQVZbH5mYEmtIyTHQ70bnkYbYkXaApSUMDWFrSVWJYmbZbvPrjnXTMs3EYa2a7RoTMD4UJfWCXsQqXbQ97Bm3Teb6&mediaDataID=6546596&mediaName=frame.html
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 6832
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd7582c4bcb-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662296618107931
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame F5D3
Redirect Chain

https://pixel.advertising.com/ups/57628/sync?uid=18072662296618092723&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662296618092723&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662296618092723&_origin=1&redir=true&verify=true
https://a.tribalfusion.com/i.match?p=b17&u=y-5AEykKVE2ui0Q9VBOOqTev3erIPntEs-~A

43 B
665 B

92ms
92ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b17&u=y-5AEykKVE2ui0Q9VBOOqTev3erIPntEs-~A
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=akmTgbWUYYTtQ2nUYmPU7t1Enp3Eji5TYRoarBYrJfUWF1mPMLpGQrpWbC5qQ73Wuy5P7ZcprnG0VnPYcF50sbwmqBR2bMRTFvBUA3TQa3QQsZbrSdby0djtT6vp2GBXXbFDV6Xp2PQePmBB3HYO0HvLmdZan3mQY5cj6VcQjWVMlPPnwTWrWUrJP3F2sWanxVqQ6PEvZdQG3CRruvPH7dPsv52AFUQSF1uQeIy8CgNH&mediaDataID=6347136&mediaName=frame.html
Protocol: H3
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd7b91b4bcb-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b17&u=y-5AEykKVE2ui0Q9VBOOqTev3erIPntEs-~A
date: Tue, 28 Jun 2022 16:19:00 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A486 22 KB
8 KB 64ms
20ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 79515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 18:13:45 GMT
expires: Tue, 27 Jun 2023 18:13:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/911106/61851556/dcm/ 234 KB
71 KB 46ms
28ms Script
application/javascript 3.223.70.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/911106/61851556/dcm/dcmads.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=160x600&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=3&adContainerId=richmedia_4&rnd=13060106
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.70.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-70-168.compute-1.amazonaws.com
Software: /
Resource Hash: fdc3d10ef68bca3bb20eefe033f3e0f4a3bd7807a69c463b6b0b1576ca41e719

Request headers

Referer: http://rubistar.4teachers.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 ipg
a4.tribalfusion.com/ 43 B
384 B 125ms
102ms Image
image/gif 172.64.155.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4.tribalfusion.com/ipg?ip6=2607:5300:60:7867::2&kv=%7B%22ord%22%3A%202000658727%2C%20%22clientID%22%3A%20751073%7D
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.155.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bdd67d1ea235-YYZ
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3168 138 KB
42 KB 36ms
36ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 16:19:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/ Frame 789A 3 KB
617 B 74ms
33ms Document
text/html 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40a6fde90e5fa4d7aac669a50ca1efd481e15e6672586fb51f636fbcccf26a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 590
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 16:19:00 GMT
expires: Wed, 29 Jun 2022 16:19:00 GMT
last-modified: Fri, 10 Dec 2021 11:31:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3168 0
566 B 95ms
38ms Ping
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyFzDDEpd53WZZo4d0CVLFQy7iZEM0M3QVpeLUuqpPFskICScBnGfMoqaBbser8BbxLQ57It5liarRZc6S_9z9M93wf64TZtZFRgroFpg-v00eWBbLRrX4I0FrWu7A_eTKoj-LWueG_0mh6A0OXj_3og&sai=AMfl-YSZw8B9sx2A7Uvm6Xj9brlCPeeSZqulY8qH7M9ZgswpuJx5GvEbMOpNfyoFsKfGjTfSgEMIBkinSPNbQko&sig=Cg0ArKJSzG6OQTTaHM6TEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=153&cbvp=1&cstd=143&cisv=r20220623.56773&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 16:19:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js Show response
pagead2.googlesyndication.com/bg/ Frame A486 36 KB
14 KB 61ms
20ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

562026c9163e2ca1a55c623f92db7db0ecbe1d1cc5a60992f4bf43eaa48c57ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 10:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 10:22:21 GMT

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame BBC6 80 KB
21 KB 80ms
80ms Script
application/javascript 2600:9000:20d1:8a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d1:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:45:14 GMT
content-encoding: gzip
age: 21450826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 9c2519e54cd2c0044575fd7e89d9bcba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: QRO51-C1
content-type: application/javascript
x-amz-cf-id: AaHB_3_jBRahBJVFaoblkv4puCfIBqoPciS6bmiPNw5VBtf2t2cWHQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 46ms
46ms Image
image/gif 3.223.70.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=8947&advId=762733&campId=14376432&pubId=89230&chanId=10655685&placementId=728x90&adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&adsafe_type=abdq&adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2F&adsafe_type=f&adsafe_jsinfo=,id:985f668b-c59c-5e5c-129e-eb159e7d963f,c:gQM1v6,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-74d8c6bddc-f2rvt,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:386,fm:ta4oEaF+1*.8947%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:408,oid:046f45c7-f6fe-11ec-8093-be47eb1da714,v:19.8.319,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.70.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-70-168.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
x-server-name: app24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3

200

dcmads.js Show response
www.googletagservices.com/dcm/
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/911106/61851556/dcm/dcmads.js?adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&adsafe_type=abdq&adsafe_url=http%3A%2F%2Frubist...
https://www.googletagservices.com/dcm/dcmads.js

23 KB
9 KB

33ms
32ms

Script
text/javascript

2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php

Protocol

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ce23e400795f2042907e26c6420149ab2ea1c1f5dc6103632f6a2f626afd8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8757
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 13:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 28 Jun 2022 17:18:14 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
x-server-name: app12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame D5A9 80 KB
21 KB 83ms
81ms Script
application/javascript 2600:9000:20d1:8a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d1:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:45:14 GMT
content-encoding: gzip
age: 21450826
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 9c2519e54cd2c0044575fd7e89d9bcba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: QRO51-C1
content-type: application/javascript
x-amz-cf-id: lev3T6rFoArVuin4NbuezeFsenJnMabWwU1ko2-Hl3ArTxqhjnWvUg==

GET
H3 200 style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/ Frame 789A 4 KB
1 KB 30ms
30ms Stylesheet
text/css 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

595374b4287ac35757c51ffb0e544392397afbc8f4eecc7f6f97a6bcb3b6c18d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 11:31:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 12:18:54 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 789A 118 KB
40 KB 34ms
32ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41079
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 04:54:21 GMT

GET
H3 200 pa.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/ Frame 789A 4 KB
1 KB 35ms
34ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/pa.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1443
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 11:31:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 12:18:54 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/ Frame 789A 19 KB
3 KB 35ms
34ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10cb35a5786ba742e0e5e91c22f42ae9cafa7acdfcab479053cfa8ed8b39adf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3307
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 11:31:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 12:18:54 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 115ms
23ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8947&asId=985f668b-c59c-5e5c-129e-eb159e7d963f&tv=%7Bc:gQM1x9,pingTime:-2,time:534,type:a,im:%7BpBlk:422,sf:0,pom:1,prf:%7BbdA:857,bdZ:1040,beA:1070,beZ:1072,mfA:1457,cmA:1459,inA:1459,inZ:1465,prA:1465,prZ:1472,si:1478,poA:1479,bl:1493,poZ:1493,cmZ:1493,mfZ:1493,loA:1550,loZ:1551,ltA:1603,ltZ:1603,idA:1493,idZ:1540%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:407%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:534,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:406,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B143~0%5D,as:%5B143~728.90%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:ta4oEaF+1*.8947%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,slid:%5BVW_2000657446,richmedia_2,banner-wrapper,content-container,page-container%5D,sinceFw:125,readyFired:false%7D&br=c
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 111ms
24ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=911106&asId=11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7&tv=%7Bc:gQM1xd,pingTime:-2,time:113,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:1381,mdZ:1458,beA:1495,beZ:1496,mfA:1497,cmA:1499,inA:1499,inZ:1503,prA:1503,prZ:1507,si:1512,poA:1513,poZ:1540,cmZ:1540,mfZ:1540,loA:1557,loZ:1558,ltA:1608,ltZ:1608%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:1217.112.1.1,am:s,cc:1137.112.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:ta4oEaF+1*.911106-61851556%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,slid:%5Brichmedia_4,content-container,page-container%5D,sinceFw:95,readyFired:false%7D&br=c
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 B27006846.331061802;dc_ver=90.264;dc_rxp=1;sz=160x600;u_sd=1;dc_adk=843632054;ord=ifspdv;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FalmYxvWrb05bEtWq3sVqrcSTYZcQcZbARFItPHjkWsrT2FuroWisXaex2t... Show response
ad.doubleclick.net/ddm/adi/N477201.8427EXPONENTIALINCTRIBAL/ Frame 13B9 50 KB
24 KB 113ms
68ms Document
text/html 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N477201.8427EXPONENTIALINCTRIBAL/B27006846.331061802;dc_ver=90.264;dc_rxp=1;sz=160x600;u_sd=1;dc_adk=843632054;ord=ifspdv;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FalmYxvWrb05bEtWq3sVqrcSTYZcQcZbARFItPHjkWsrT2FuroWisXaex2t3DPVbE46JLptAtUWBhYbQaYbfhXa6sRUUATFZb5VWvWobjxQbrqXTYy5EUh5Ev5oaFH1rF8UWB1n6bBmG3podMF5Evg5dmy46jGnFbZcYsrTYGF21VbMnTr23UFVWbjZcV6M5REvQQVZbtQWUO1HJrTmjx3VB1XFnDU6qn2AY8QPFE2HFyXWBApd2o5aTstDq9rRBIwQaxx6BvRHY3WmXNyQj2tQjCiVrgox%2F;dc_rfl=0,http%3A%2F%2Frubistar.4teachers.org%2Findex.php$0;xdt=0;crlt=SwRuuBj3oO;stc=1;sttr=5;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

6068f772db6d8f4e0e456d51650ce409aa2594917f4db4b5c82a08fc1a456256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 24924
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 16:19:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame D8E6 279 B
1 KB 102ms
101ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aAmTKdTFfEUAv2QaM4SsYqSt3y0HJmW63p4GJ2XUQDT6Tv4AY8R6ZbF3HBqXd3AnHTm5mYQ3sveVsQdWcMhR6YvTHM4TrfS5bTtUqQvWqnlQEBKRc3LPUqsPHMiWcbR4rexotAs0qqp2tYEPV7Za46nZapdIOVHBhXrfa1UF90TqmPbBHTbZbPVWMWnbJqRUZbqYqZbr5Efg5qvPoaMI1rUfWH7MmmfBV9XrSCIAxHQ0Qt2xIZd&mediaDataID=9148826&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 053a5c6db46bfd18b881398d12d57b4ab89e84d348b70e0d837802075a37a5c4

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd82c3e7154-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 54F3 259 B
1 KB 91ms
91ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aBmTKdTtQ3orJnPrByXaZbr3TFl5TU4oaFI1F36UH7XmPQCnVrmmHYG2TBg5HiN56nEnbMZa0GMX1s320GvunabU2rM5WFbZaUAf1REYQPGrMQdUy1tjnVmny4s3UXbZbZcTAaw2Av7R67K2Hnq1HUAntav46Q03cMgTsJdUc78R6FOWdQQUbj23beuVarsTTnbQaJZaSGjZaQb6xPt7iUVb52Fy4mWqOOQQyM8EGtFftPoPnZbL&mediaDataID=2713736&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a570cca371477ee5ba4b99a4e08e38519f4c9258abf1fdc56958de93e29aefe

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd828e2713c-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame B3E0 447 B
1 KB 86ms
86ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aCmTKd5bEoUqrpVEMcPqMZaQVbBQUisStYiUcjV4FyxmtZayXayv4dUAPVvH2AQHoHPNTHJ90bMi1FBf0aqqRUUGTrvPWtY2orYqRUJNXaMy5EUh4TY2nEfH1rJfUtMUmm7BpVUpmHrJ3Tng2daN5PBZbmrrH0Vv0YsF2XG7nnavS5UnPVUvCVmUTQTM4ScrtQH3y1dFsWmMn4GBU0UZbDVmm546ZbetFEFMRisyT3xQSbZcYr&mediaDataID=6719746&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ad06ed608ce1b98c5c263c9d49e91cba8109fc7821606e84d6ef4fc2b9c9661

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd829b94bcb-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 5FF1 721 B
1 KB 102ms
87ms Document
text/html 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aDmTKdUAv4REM1QVBOQt3yYtBtVPvO4GvU0bFKTmmw4ArhPmfA4WMm1HZbLpWAo5AJ15cr8Vc3lUsbeRPFxUWYVTUFS2bZaoUqbsTTrlPqvFSGQKQUZamPWn9UVv54r6smWyO0a2w4dvZdQVJH563Hot6tUWBe0rvkYFYfXaiMRUJAWUv0VHv5mbbxQFjn1EMs5a3j4q32nEbK1FUfWHMXoArans7wU8PGyBiexqiFQdfXHk&mediaDataID=5207316&mediaName=frame.html
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806f923d83f4c9c91e1854526d2f64314765568f044942f97f3ffedeb47885de

Request headers

Referer: http://rubistar.4teachers.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7227bdd84f607138-YUL
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 16:19:00 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 102
X-Reuse-Index: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

76ms
20ms

Script
text/javascript

2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php

Protocol

Server

2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5059
date: Tue, 28 Jun 2022 14:54:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 28 Jun 2022 16:54:41 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3168 0
26 B 78ms
37ms Ping
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 16:19:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 OpenSans-SemiBold.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/ Frame 789A 68 KB
68 KB 21ms
19ms Font
font/woff 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/OpenSans-SemiBold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da697e4a5654c750168d62ba00fded8a38fd33ac179d8223fbfba9b35175eff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/style.css
Origin: https://s0.2mdn.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:18:37 GMT
x-content-type-options: nosniff
age: 14423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69884
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 11:31:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 12:18:37 GMT

GET
H3 200 OpenSans-Regular.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/ Frame 789A 66 KB
66 KB 27ms
26ms Font
font/woff 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/OpenSans-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb3e750c6fab3976f69f16b4f398de3d44e8fb7d596235c25a28df5ddacf48f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/style.css
Origin: https://s0.2mdn.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:18:37 GMT
x-content-type-options: nosniff
age: 14423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67540
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 11:31:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 12:18:37 GMT

GET
H3 200 OpenSans-Light.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/ Frame 789A 68 KB
68 KB 38ms
37ms Font
font/woff 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/OpenSans-Light.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc606be4585fb0adfc94553e94388529c8e1edccc0524f76472c11704bb1f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/style.css
Origin: https://s0.2mdn.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:18:37 GMT
x-content-type-options: nosniff
age: 14423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69384
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 11:31:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 12:18:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 789A 7 KB
5 KB 86ms
38ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f87c43aaa1667f91fc053ab21b43849124f5fae9d343295abe87fbafc6be933b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 16:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5576
x-xss-protection: 0

GET
H3 200 35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 789A 3 KB
3 KB 56ms
54ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png

Requested by

Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:43:07 GMT
x-content-type-options: nosniff
age: 12953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3374
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:04:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 12:43:07 GMT

GET
H3 200 35747479_20220228011835645_FXCA-Natural-Gas-Sprite.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 789A 221 KB
221 KB 59ms
58ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220228011835645_FXCA-Natural-Gas-Sprite.png

Requested by

Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

674a5b85b7ff2f122e37fc96addc49b4437708598706e37da19265bb7f43c660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 10:48:24 GMT
x-content-type-options: nosniff
age: 19836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226045
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 09:18:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 10:48:24 GMT

GET
H3 200 35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 789A 68 B
94 B 56ms
55ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png

Requested by

Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 01:09:34 GMT
x-content-type-options: nosniff
age: 54566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:05:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 01:09:34 GMT

GET
H3 200 16337245664712775394
s0.2mdn.net/simgad/ Frame 13B9 29 KB
29 KB 30ms
29ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16337245664712775394

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N477201.8427EXPONENTIALINCTRIBAL/B27006846.331061802;dc_ver=90.264;dc_rxp=1;sz=160x600;u_sd=1;dc_adk=843632054;ord=ifspdv;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FalmYxvWrb05bEtWq3sVqrcSTYZcQcZbARFItPHjkWsrT2FuroWisXaex2t3DPVbE46JLptAtUWBhYbQaYbfhXa6sRUUATFZb5VWvWobjxQbrqXTYy5EUh5Ev5oaFH1rF8UWB1n6bBmG3podMF5Evg5dmy46jGnFbZcYsrTYGF21VbMnTr23UFVWbjZcV6M5REvQQVZbtQWUO1HJrTmjx3VB1XFnDU6qn2AY8QPFE2HFyXWBApd2o5aTstDq9rRBIwQaxx6BvRHY3WmXNyQj2tQjCiVrgox%2F;dc_rfl=0,http%3A%2F%2Frubistar.4teachers.org%2Findex.php$0;xdt=0;crlt=SwRuuBj3oO;stc=1;sttr=5;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e9aedc836b5666de5e9a8fc4013b4349272463860769fb9066e45e087902a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:00:45 GMT
x-content-type-options: nosniff
age: 44295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29775
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 18:52:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 04:00:45 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20220623/r20110914/xfa/ Frame 13B9 10 KB
4 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220623/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

becfe54a92dcdab6b0dfb3b7db070d3f10e66732ed62a5ec2840ae3edd8c4b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4034
x-xss-protection: 0
server: cafe
etag: 4087262437388033801
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Jul 2022 18:36:07 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220623/r20110914/elements/html/ Frame 13B9 8 KB
3 KB 27ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220623/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 16:03:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 13B9 138 KB
42 KB 43ms
38ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 16:19:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 13B9 0
26 B 42ms
40ms Ping
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurdAc1yX2HmB0KI0GT_ktzITOuyeuQDPHdespcynLA77s8eRxaoEfTwk5HI1P2y2I1I1d8BusPnZn9ZRGh7ro5_bsqcnrHW8yQNgq2nO7SkQG7dMhlWpFV7nZHMB6Rm_i-Ma0PMbuqClA9r2DkdqZJYcqVstOEomZDBXzs1qLpvXfOKPwZ7IXcppIe8VqrhAGXUg&sig=Cg0ArKJSzClYg4uiFcSuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220623.42868&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 16:19:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK event Show response
cendantchg.demdex.net/ Frame 13B9 42 B
956 B 355ms
92ms Script
image/gif 54.187.35.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cendantchg.demdex.net/event?d_event=imp&d_src=141961&d_site=4637988&d_creative=174106002&d_adgroup=523263982&d_placement=331061802&d_campaign=27006846&d_bust=2127588690

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.35.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-35-166.us-west-2.compute.amazonaws.com

Software

Resource Hash

1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v032-011fc4e05.edge-usw2.demdex.com 9 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qR2jM2/ATfc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 13B9 41 KB
15 KB 22ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 18:13:36 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame B3E0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622966...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622966...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662296618092723&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
https://a.tribalfusion.com/i.match?p=b11&u=A753D9B1-EAE9-4BAC-8C74-93F2E63160BA

43 B
760 B

101ms
101ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b11&u=A753D9B1-EAE9-4BAC-8C74-93F2E63160BA
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aCmTKd5bEoUqrpVEMcPqMZaQVbBQUisStYiUcjV4FyxmtZayXayv4dUAPVvH2AQHoHPNTHJ90bMi1FBf0aqqRUUGTrvPWtY2orYqRUJNXaMy5EUh4TY2nEfH1rJfUtMUmm7BpVUpmHrJ3Tng2daN5PBZbmrrH0Vv0YsF2XG7nnavS5UnPVUvCVmUTQTM4ScrtQH3y1dFsWmMn4GBU0UZbDVmm546ZbetFEFMRisyT3xQSbZcYr&mediaDataID=6719746&mediaName=frame.html
Protocol: H3
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bddb5f584bcb-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b11&u=A753D9B1-EAE9-4BAC-8C74-93F2E63160BA
date: Tue, 28 Jun 2022 06:31:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK hmac-sha1.js Show response
cdnx.tribalfusion.com/media/5207316/ Frame 5FF1 5 KB
3 KB 19ms
19ms Script
application/x-javascript 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnx.tribalfusion.com/media/5207316/hmac-sha1.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aDmTKdUAv4REM1QVBOQt3yYtBtVPvO4GvU0bFKTmmw4ArhPmfA4WMm1HZbLpWAo5AJ15cr8Vc3lUsbeRPFxUWYVTUFS2bZaoUqbsTTrlPqvFSGQKQUZamPWn9UVv54r6smWyO0a2w4dvZdQVJH563Hot6tUWBe0rvkYFYfXaiMRUJAWUv0VHv5mbbxQFjn1EMs5a3j4q32nEbK1FUfWHMXoArans7wU8PGyBiexqiFQdfXHk&mediaDataID=5207316&mediaName=frame.html
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:19:00 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 80237
Transfer-Encoding: chunked
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Function: 301
Last-Modified: Thu, 08 Feb 2018 21:10:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
CF-RAY: 7227bdd93f96ecea-YUL
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 789A 17 KB
6 KB 38ms
35ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 16:19:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 54F3
Redirect Chain

https://tags.bluekai.com/site/4229?id=18072662296618092723&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

43 B
716 B

88ms
87ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aBmTKdTtQ3orJnPrByXaZbr3TFl5TU4oaFI1F36UH7XmPQCnVrmmHYG2TBg5HiN56nEnbMZa0GMX1s320GvunabU2rM5WFbZaUAf1REYQPGrMQdUy1tjnVmny4s3UXbZbZcTAaw2Av7R67K2Hnq1HUAntav46Q03cMgTsJdUc78R6FOWdQQUbj23beuVarsTTnbQaJZaSGjZaQb6xPt7iUVb52Fy4mWqOOQQyM8EGtFftPoPnZbL&mediaDataID=2713736&mediaName=frame.html
Protocol: H3
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bddaae2c4bcb-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
date: Tue, 28 Jun 2022 16:19:00 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 13B9 0
26 B 37ms
37ms Ping
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 16:19:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 24ms
24ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8947&asId=985f668b-c59c-5e5c-129e-eb159e7d963f&tv=%7Bc:gQM1Bm,time:795,type:e,im:%7Bimprf:%7Bttecl:749,ecd:47,tsecr:66%7D,pWait:38,pci:%7Btdr:246%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:795,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:406,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B404~0%5D,as:%5B404~728.90%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:143,fm:ta4oEaF+1*.8947%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3

200

i.match
a.tribalfusion.com/ Frame D8E6
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662296618092723&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662296618092723&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=050113e2-f6fe-11e...
https://a.tribalfusion.com/i.match?p=b19&u=0501139f-f6fe-11ec-aec4-19b3ac430503

43 B
720 B

92ms
91ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b19&u=0501139f-f6fe-11ec-aec4-19b3ac430503
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aAmTKdTFfEUAv2QaM4SsYqSt3y0HJmW63p4GJ2XUQDT6Tv4AY8R6ZbF3HBqXd3AnHTm5mYQ3sveVsQdWcMhR6YvTHM4TrfS5bTtUqQvWqnlQEBKRc3LPUqsPHMiWcbR4rexotAs0qqp2tYEPV7Za46nZapdIOVHBhXrfa1UF90TqmPbBHTbZbPVWMWnbJqRUZbqYqZbr5Efg5qvPoaMI1rUfWH7MmmfBV9XrSCIAxHQ0Qt2xIZd&mediaDataID=9148826&mediaName=frame.html
Protocol: H3
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7227bddaae344bcb-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 28 Jun 2022 16:19:00 GMT
location: https://a.tribalfusion.com/i.match?p=b19&u=0501139f-f6fe-11ec-aec4-19b3ac430503
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 324
content-length: 43

GET
H3

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1836185787&utmhn=rubistar.4teachers.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1836185787&utmhn=rubistar.4teachers.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...

35 B
54 B

77ms
35ms

Image
image/gif

2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1836185787&utmhn=rubistar.4teachers.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=RubiStar%20Home&utmhid=1844870238&utmr=0&utmp=%2Findex.php&utmht=1656433140720&utmac=UA-10627506-1&utmcc=__utma%3D55323060.54147971.1656433141.1656433141.1656433141.1%3B%2B__utmz%3D55323060.1656433141.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1568516469&utmredir=1&utmu=DBAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php

Protocol

Server

2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1836185787&utmhn=rubistar.4teachers.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=RubiStar%20Home&utmhid=1844870238&utmr=0&utmp=%2Findex.php&utmht=1656433140720&utmac=UA-10627506-1&utmcc=__utma%3D55323060.54147971.1656433141.1656433141.1656433141.1%3B%2B__utmz%3D55323060.1656433141.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1568516469&utmredir=1&utmu=DBAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

rules-p-82Wca6j68XExo.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-82Wca6j68XExo.js
https://rules.quantcount.com/rules-p-82Wca6j68XExo.js

3 B
453 B

226ms
76ms

Script
application/javascript

2600:9000:20d1:2200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-82Wca6j68XExo.js
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Server: 2600:9000:20d1:2200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:49:55 GMT
via: 1.1 52fdcfc4c67e4bb65350160466d4cff8.cloudfront.net (CloudFront)
age: 9185
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:10:59 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: QRO51-C1
accept-ranges: bytes
x-amz-cf-id: KxcD8itizgN2nnRkzDcIiio10UtCLsrtqrfkBmDIXA4At9-W9p3Ong==

Redirect headers

Date: Tue, 28 Jun 2022 16:19:00 GMT
Via: 1.1 c1ede05c6f3af67550893439334db622.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: QRO51-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-82Wca6j68XExo.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: gmD7EXiKT1X_ZpSSTsDx3GZLRUFS5S8PtwFEiBR4bSCrehTGBr8q8A==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 13B9 7 KB
5 KB 38ms
38ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220623/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9031423e1319503c1a845ee5faff4efe6e50b12ffea223b81426d871b923235b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 16:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5557
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 24ms
23ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8947&asId=985f668b-c59c-5e5c-129e-eb159e7d963f&tv=%7Bc:gQM1Cb,pingTime:0,time:846,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:407%7D,%7Bpiv:100,vs:i,r:,t:845%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:845,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:406,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B454~0%5D,as:%5B454~728.90%5D%7D%7D,%7Bsl:i,t:845,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:143,fm:ta4oEaF+1*.8947%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 28ms
28ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=911106&asId=11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7&tv=%7Bc:gQM1Ct,time:439,type:e,im:%7Bimprf:%7Bttecl:264,ecd:116,tsecr:16%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:439,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:1137.112.160.600,am:a,cc:1137.112.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B434~0%5D,as:%5B419~1.1,15~160.600%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:138,fm:ta4oEaF+1*.911106-61851556%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:1*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 5FF1 0
194 B 105ms
32ms Image
text/plain 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001105643&eid=18072662296618092723&sigv=1&esig=2~ef49275ceb91e8b269429aeb659d9f013edb32a2

Requested by

Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aDmTKdUAv4REM1QVBOQt3yYtBtVPvO4GvU0bFKTmmw4ArhPmfA4WMm1HZbLpWAo5AJ15cr8Vc3lUsbeRPFxUWYVTUFS2bZaoUqbsTTrlPqvFSGQKQUZamPWn9UVv54r6smWyO0a2w4dvZdQVJH563Hot6tUWBe0rvkYFYfXaiMRUJAWUv0VHv5mbbxQFjn1EMs5a3j4q32nEbK1FUfWHMXoArans7wU8PGyBiexqiFQdfXHk&mediaDataID=5207316&mediaName=frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:19:00 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DBEC 22 KB
8 KB 21ms
20ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 79515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 18:13:45 GMT
expires: Tue, 27 Jun 2023 18:13:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js Show response
pagead2.googlesyndication.com/bg/ Frame A870 36 KB
14 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9271965a8eda49ad2e1e8bdc7eb80ea846f0b7cd5b986b29f4ee38a8b88a3949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 11:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13854
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 11:36:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A486 0
20 B 85ms
83ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bg-lD8ym7Yq-dPMSRoPwP_bCM2AIAAAAAOAHgBAI&bg=!ycqlyo7NAAa8IIBmnCA7ACkAdvg8WpxlbvTkSpD69ElvQ31QIixRFNlBI1oWpT280gza1GK70qjO3gIAAAEmUgAAAAJoAQcKAFnK32NBfkNIVx696PsicuX1OPMbXfRZuf7qpkSCzPojFBTMHgWVi7xiOmWdYq83EQMA_lTFIj_lTd2S6-9hpMq2k9duk1L31A_8bdyKPIuU61W6LlTCAPL4vJkCuLm0SYIlkyTLGm_7sv1SIGqF5UL8DJoBnQJDxJV3omnq402hG4R6TqldNssDtXzQgwOWTotOP7HSmtTxhNhYWEPKCSyu-lFI4926M7eIQyFPWyR5X45vgqAzfRHfqqV7PZY7hNliAuz4IJPYeljg8UJNsnBiVdUHadztebhnu23EEtcl7v2GRV8pPJga1QXjimxZEFJ3_6Z3bitEPk0Nqh11TKtWQsvE88LrtE5SB0-nSfdO9tiAy62kuybwa6jE_Sy5fZ5s9CFb7m4wZB1EIWQ8rkM90u3nfTa14Cqb-6Pv8pjy5ggKpmc601kX5X1rLyio8-1En4FGS5tThu5ZZg-_XzFAUuPR1WLBdXZRc8l3l_vnVG1dkwdRfH6TYlCbaS-yjedsUZ-bu-49FLFfQAGAFTm2hkq2HUjra4WrWvEMvJfnkxAMcf2jSYH1dOgIsFpB5iphDmoROjWXNlLHeXI41yPso866A9YuREDwU7rW818uqvw5wLrJDIL1r1tcPzOZKmEnqYBS8fxTHc_-ZijqGcUd_M4mMsa0w2FOFaaiD2Yk1D-c5EPhB_5sH39PdhbBBfFQ96HAwUFsOBwkNooFbXrGAYR4Ame4sQsLr5iWdAyZaW4pcEhdualGo7TkxKynoe5Vtc6w_tyBCVR6IwgmhoadD-Yvw1ev54yH816--GDoW7ZHpOt1vqfZRXBAgnAdFzxNudhMPm90mbb4Jhe9ZExBCbNS1oOWUtVB-r4-3LST3oeuZYZbQEf5faxy9kCMM37bJsHiMSYCt3HL4A8b79N-K1NXc4ky4_IiXINMwimTw0RtGtTwqtf71AmBBu3LRRFjRATbg7vPecHw55eiKR9wnNtmdFJAqZDxab0Xfb_9dgjCuYjXWhuGgkUJ0ezTS4azoTuxjxOi1iKaX1ykA6ppy1ZGQQ

Requested by

Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 24ms
23ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8947&asId=985f668b-c59c-5e5c-129e-eb159e7d963f&tv=%7Bc:gQM1Ek,pingTime:-10,time:979,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1656433140871%7C%7C94cf70d5fc5d16ec4412605f25fad484%7C%7C8203953bb098b7ae8a102827ac834317%7C%7C562a83a24439adc10721391da2a5c992%7C%7C3402d1a2118c271d652c5f437c70867f%7C%7C5a28e6228ae7099900232fea35424373%7C%7Cec5fb9c0d7651396621759ed08d0a537%7C%7C2bd91d6f32e5ab2010b9517c2078a894%7C%7C1629390669%7D
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:00 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js Show response
pagead2.googlesyndication.com/bg/ Frame DBEC 36 KB
14 KB 35ms
35ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

562026c9163e2ca1a55c623f92db7db0ecbe1d1cc5a60992f4bf43eaa48c57ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 10:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 10:22:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 13B9 17 KB
6 KB 52ms
52ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220623/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:19:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 16:19:01 GMT

GET
H3 200 knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js Show response
pagead2.googlesyndication.com/bg/ Frame 2703 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9271965a8eda49ad2e1e8bdc7eb80ea846f0b7cd5b986b29f4ee38a8b88a3949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 11:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13854
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 11:36:51 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 25ms
24ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=911106&asId=11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7&tv=%7Bc:gQM1Ib,time:793,type:e,im:%7Bpci:%7Btdr:693%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:793,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:1137.112.160.600,am:a,cc:1137.112.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B788~0%5D,as:%5B419~1.1,369~160.600%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:126,fm:ta4oEaF+1*.911106-61851556%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBEC 0
20 B 84ms
83ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAaKO9Cm7YoyIIc2ZNfT7gogIAAAAADgB4AQC&bg=!ZWalZiLNAAa8IIBmnCA7ACkAdvg8WhXcAAYzk4uBF8r0UeBsjMs9gH1bVdR9tww8kHjyid_BhprhtAIAAACBUgAAAAJoAQcKAK3tmS6xHD0FxxpOpGBOKCMSbIbRXJlRMswud1yp0axkLgyuiQAcX3mgXAblNPrwcOFuRCN8QfXSSsgbqxUMOsleaMvDtTzW3USd0MW7rZBXS8iEicIyBG6LqbDWA6X8K7sIori_gXerlMHvZahxqcNuMTx5mziHVMsptjSfDE-kkUb8oIHC2RcW3W2E3dgOoSIdDeLstUiLSvgzHhOeDWenlwHS1cJHCoZszZyUD5kCy0lDC-f9-XnYxlmwBMkxoQt_skT3yrXH_zaialocVpOG6R8tWGHcxZ4wV2RK2gnI4rMM2O_lW6hanzU1ivQx1_SQZ1Z35iwgWTRa1n09lI24CSpKHZNIJltsficT1UWP_bM-6bpgqMgjudV4v6E8vpISnmtgVDFUHhVRFKpRPPFsa_FoZCfWWPINwRJ0-GpwwxB5JtHH_CAqOckI0e4r0dA1w0jJs_KdgY4uqs6wvjDSwI-PH5AEZBLN6eGROopTbGqroVXbQPc5_A1LhMaBh3vD0YIPcSC0-zoAtSoCFGgn6bM4yyLjIBD3x37z0tjB7rg6ONkmw-WMkcyM3NZ68vSRPhnyPo4lZo_kcoop-7n91g58BpSl3Q_ySDPEukeFJr1W-1N6eWSnaDs127dEWWUoa0JMfwuT51I7IBMYwjx1ecfW0kqV6F_G2Lm2fFP_sMtH7fXbO_CES9Z-FZl4tn37zTNCKf3FT5haefdg5UVh9WrmiWvig7E8hQ47YUzbGqiscHHtXXpgBHf9f_fAVk7GbUegkU7Zkr7RmcUYhgiYX-AGMe2Q2mV9Btv5V6wvhSu2MxQff0_cbakxTY42InXUjLjeyJbKuqWx55En0syPdT9xDuYAwW-X52Q_1kdkyweJlPM9jzNQyjU7Zlw-pppIj65XbVVN63WesgeBafXKbi5q0xTiNUOMeLuBHV-2WsA5vIyWbqstYxYRWc_3EfJBZTc9AJZFReP98QkdYieimwgzYp6YFsDCyUY-wvnixVWEGjxLKrPy_plkkNFjSDidWwIzon7_a9ckKRn1O2LEcZu2328J4hvsBA1MmMyeRvngYZLDP2n11oexnQY9Qz10jB34WO83PzRiCbSz85qEKQ9Hnlz3vMUxAC5aFXz0FuOY3Vr_i3b7r_mviqYtXTahNfCdDBXBR790yykg37pcClpMpflCuPNcT9E

Requested by

Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel;r=1202670874;rf=0;a=p-82Wca6j68XExo;url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php;ref=http%3A%2F%2Frubistar.4teachers.org%2F;uht=2;fpan=1;fpa=P0-1532156789-1656433141180;pbc=;ns=0;ce=1;...
pixel.quantserve.com/
Redirect Chain

http://pixel.quantserve.com/pixel;r=1202670874;rf=0;a=p-82Wca6j68XExo;url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php;ref=http%3A%2F%2Frubistar.4teachers.org%2F;uht=2;fpan=1;fpa=P0-1532156789-1...
https://pixel.quantserve.com/pixel;r=1202670874;rf=0;a=p-82Wca6j68XExo;url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php;ref=http%3A%2F%2Frubistar.4teachers.org%2F;uht=2;fpan=1;fpa=P0-1532156789-...

35 B
372 B

77ms
27ms

Image
image/gif

2620:116:800b:21:a021:b886:81cc:55cf
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1202670874;rf=0;a=p-82Wca6j68XExo;url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php;ref=http%3A%2F%2Frubistar.4teachers.org%2F;uht=2;fpan=1;fpa=P0-1532156789-1656433141180;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=4teachers.org;je=0;sr=1600x1200x24;dst=0;et=1656433141180;tzo=0;ogl=

Requested by

Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php

Protocol

Server

2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Date: Tue, 28 Jun 2022 16:19:01 GMT
Access-Control-Allow-Origin: *
Location: https://pixel.quantserve.com/pixel;r=1202670874;rf=0;a=p-82Wca6j68XExo;url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php;ref=http%3A%2F%2Frubistar.4teachers.org%2F;uht=2;fpan=1;fpa=P0-1532156789-1656433141180;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=4teachers.org;je=0;sr=1600x1200x24;dst=0;et=1656433141180;tzo=0;ogl=
Cache-Control: private, no-transform, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Wed, 29 Jun 2022 16:19:01 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 24ms
23ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=911106&asId=11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7&tv=%7Bc:gQM1JQ,pingTime:-10,time:896,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1656433140871%7C%7C94cf70d5fc5d16ec4412605f25fad484%7C%7C8203953bb098b7ae8a102827ac834317%7C%7C562a83a24439adc10721391da2a5c992%7C%7C3402d1a2118c271d652c5f437c70867f%7C%7C5a28e6228ae7099900232fea35424373%7C%7Cec5fb9c0d7651396621759ed08d0a537%7C%7C2bd91d6f32e5ab2010b9517c2078a894%7C%7C1629390669,sca:%7Bspg:985f668b-c59c-5e5c-129e-eb159e7d963f%7D%7D
Requested by: Host: rubistar.4teachers.org
URL: http://rubistar.4teachers.org/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 24ms
24ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8947&asId=985f668b-c59c-5e5c-129e-eb159e7d963f&tv=%7Bc:gQM1M7,time:1462,type:e,im:%7BpLoad:1433%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:617,o:845,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:406,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B454~0%5D,as:%5B454~728.90%5D%7D%7D,%7Bsl:i,t:845,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B617~100%5D,as:%5B617~728.90%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:58,fm:ta4oEaF+1*.8947%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3168 42 B
64 B 34ms
33ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstN-bWrj72Fy3M-RAIhTtSlz3NAoy3-YfqZ_T0dvfDgy_ppePLJ_cluk4GW39Hc45Do428vTMGPCWje74TbFq4&sig=Cg0ArKJSzPABOL3oBJ2KEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=311390502&rs=6&la=0&cr=0&vs=4&r=v&rst=1656433139890&rpt=519&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 25ms
23ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8947&asId=985f668b-c59c-5e5c-129e-eb159e7d963f&tv=%7Bc:gQM1Sk,pingTime:1,time:1847,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:407%7D,%7Bpiv:100,vs:i,r:,t:845%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:845,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:406,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B454~0%5D,as:%5B454~728.90%5D%7D%7D,%7Bsl:i,t:845,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:27,fm:ta4oEaF+1*.8947%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 26ms
25ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8947&asId=985f668b-c59c-5e5c-129e-eb159e7d963f&tv=%7Bc:gQM1Sl,pingTime:1,time:1848,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:407%7D,%7Bpiv:100,vs:i,r:,t:845%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:845,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:406,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B454~0%5D,as:%5B454~728.90%5D%7D%7D,%7Bsl:i,t:845,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~728.90%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:27,fm:ta4oEaF+1*.8947%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 27ms
25ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8947&asId=985f668b-c59c-5e5c-129e-eb159e7d963f&tv=%7Bc:gQM1Sm,pingTime:1,time:1849,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:407%7D,%7Bpiv:100,vs:i,r:,t:845%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1004,o:845,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:406,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B454~0%5D,as:%5B454~728.90%5D%7D%7D,%7Bsl:i,t:845,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~728.90%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:27,fm:ta4oEaF+1*.8947%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 25ms
24ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8947&asId=985f668b-c59c-5e5c-129e-eb159e7d963f&tv=%7Bc:gQM1Sm,pingTime:1,time:1849,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:407%7D,%7Bpiv:100,vs:i,r:,t:845%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1004,o:845,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:406,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B454~0%5D,as:%5B454~728.90%5D%7D%7D,%7Bsl:i,t:845,wc:0.0.1600.1200,ac:458.0.728.90,am:a,cc:458.79.728.14,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~728.90%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:27,fm:ta4oEaF+1*.8947%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 13B9 42 B
64 B 34ms
33ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcE5-s_b02RgGyPXnxICFzaxZL3_-H_9NHhefeaIkep24CVqRNDynT0nMgkp-X-jrRv7dxzV_ANbQgBBufw_pcI7kdbc-MpDY&sig=Cg0ArKJSzEApfv7n0p65EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=843632054&rs=6&la=0&cr=0&vs=4&r=v&rst=1656433140472&rpt=303&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ad_choices_i_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ 513 B
1 KB 27ms
26ms Image
image/png 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_i_UR.png
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:19:01 GMT
CF-Cache-Status: HIT
Age: 79375
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 513
X-Function: 301
Last-Modified: Mon, 22 Mar 2021 08:13:56 GMT
Server: cloudflare
ETag: 1616400836
Vary: Accept-Encoding
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
CF-RAY: 7227bde03898ecea-YUL
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK ad_choices_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ 2 KB
2 KB 31ms
21ms Image
image/png 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_UR.png
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:19:01 GMT
CF-Cache-Status: HIT
Age: 3878
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1608
X-Function: 301
Last-Modified: Mon, 22 Mar 2021 08:13:56 GMT
Server: cloudflare
ETag: 1616400836
Vary: Accept-Encoding
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
CF-RAY: 7227bde0483a4bcb-YUL
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK ad_choices_i_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ 513 B
1 KB 20ms
20ms Image
image/png 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_i_UR.png
Requested by: Host: cdnx.tribalfusion.com
URL: http://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:19:02 GMT
CF-Cache-Status: HIT
Age: 79376
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 513
X-Function: 301
Last-Modified: Mon, 22 Mar 2021 08:13:56 GMT
Server: cloudflare
ETag: 1616400836
Vary: Accept-Encoding
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
CF-RAY: 7227bde2dcc64bcb-YUL
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK ad_choices_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ 2 KB
2 KB 21ms
21ms Image
image/png 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_UR.png
Requested by: Host: cdnx.tribalfusion.com
URL: http://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js
Protocol: HTTP/1.1
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 16:19:02 GMT
CF-Cache-Status: HIT
Age: 3879
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1608
X-Function: 301
Last-Modified: Mon, 22 Mar 2021 08:13:56 GMT
Server: cloudflare
ETag: 1616400836
Vary: Accept-Encoding
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
CF-RAY: 7227bde2dbc4ecea-YUL
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H3 200 35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 789A 3 KB
3 KB 20ms
19ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:43:07 GMT
x-content-type-options: nosniff
age: 12955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3374
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:04:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 12:43:07 GMT

GET
H3 200 35747479_20220228011835645_FXCA-Natural-Gas-Sprite.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 789A 221 KB
221 KB 21ms
20ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220228011835645_FXCA-Natural-Gas-Sprite.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

674a5b85b7ff2f122e37fc96addc49b4437708598706e37da19265bb7f43c660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 10:48:24 GMT
x-content-type-options: nosniff
age: 19838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226045
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 09:18:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 10:48:24 GMT

GET
H3 200 35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 789A 68 B
94 B 21ms
21ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 01:09:34 GMT
x-content-type-options: nosniff
age: 54568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:05:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 01:09:34 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 24ms
23ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=911106&asId=11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7&tv=%7Bc:gQM2aO,pingTime:1,time:2568,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:16%7D,%7Bw:160,h:600,t:424%7D,%7Bpiv:100,vs:i,r:,t:1566%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1566,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:1137.112.160.600,am:a,cc:1137.112.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1562~0,0~100%5D,as:%5B419~1.1,1143~160.600%5D%7D%7D,%7Bsl:i,t:1566,wc:0.0.1600.1200,ac:1137.112.160.600,am:a,cc:1137.112.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:rjss,dtt:27,fm:ta4oEaF+1*.911106-61851556%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:02 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 24ms
24ms Image
image/gif 2600:1f18:1aca:4280:702:b69e:e28a:c3ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=911106&asId=11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7&tv=%7Bc:gQM2aO,pingTime:1,time:2568,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:16%7D,%7Bw:160,h:600,t:424%7D,%7Bpiv:100,vs:i,r:,t:1566%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1566,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:1137.112.160.600,am:a,cc:1137.112.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1562~0,0~100%5D,as:%5B419~1.1,1143~160.600%5D%7D%7D,%7Bsl:i,t:1566,wc:0.0.1600.1200,ac:1137.112.160.600,am:a,cc:1137.112.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:rjss,dtt:27,fm:ta4oEaF+1*.911106-61851556%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:702:b69e:e28a:c3ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://rubistar.4teachers.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 16:19:02 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 789A 3 KB
3 KB 20ms
19ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:43:07 GMT
x-content-type-options: nosniff
age: 12957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3374
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:04:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 12:43:07 GMT

GET
H3 200 35747479_20220228011835645_FXCA-Natural-Gas-Sprite.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 789A 221 KB
221 KB 20ms
20ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220228011835645_FXCA-Natural-Gas-Sprite.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

674a5b85b7ff2f122e37fc96addc49b4437708598706e37da19265bb7f43c660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 10:48:24 GMT
x-content-type-options: nosniff
age: 19840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226045
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 09:18:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 10:48:24 GMT

GET
H3 200 35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 789A 68 B
94 B 21ms
21ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61932803/20211210033110632/index.html?e=69&leftOffset=0&topOffset=0&c=lyKpyakYQX&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 01:09:34 GMT
x-content-type-options: nosniff
age: 54570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:05:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 01:09:34 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rubistar.4teachers.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0351b1d95860cce5acbbd117c51cdf1c
rubistar.4teachers.org/	1970-01-20 08:26:25	Name: site_db Value: pgsql
rubistar.4teachers.org/	1970-01-20 08:26:25	Name: skin Value: default
rubistar.4teachers.org/	1970-01-20 08:26:25	Name: lang Value: default
.scorecardresearch.com/	1970-01-20 21:24:01	Name: UID Value: 1AD4e3041258a2eadb352371656433139
.casalemedia.com/	1970-01-20 12:52:49	Name: CMID Value: Yrsp9DJCMlu5FK0NcHkcBQAA
.casalemedia.com/	1970-01-20 06:16:49	Name: CMPS Value: 091
.casalemedia.com/	1970-01-20 06:16:49	Name: CMPRO Value: 091
.doubleclick.net/	1970-01-20 13:28:49	Name: IDE Value: AHWqTUk8ZCqJvzmFUkampspAvcjjSa7KqA1zs7lc9Lc2gezmSvjvtVJIVKsNxDO1x30
.openx.net/	1970-01-20 12:52:49	Name: i Value: ffe0ed80-cda2-4e1c-8796-d207d01a2a11\|1656433140
.casalemedia.com/	1970-01-20 06:16:49	Name: CMTS Value: 12
.agkn.com/	1970-01-20 12:52:49	Name: ab Value: 0001%3A3tAscqTxmkryO9aj5hXJbDmWHBwlATFW
.yahoo.com/	1970-01-20 12:53:10	Name: A3 Value: d=AQABBPQpu2ICEEgizbRbb6D9dd5x6lXpq1gFEgEBAQF7vGLFYgAAAAAA_eMAAA&S=AQAAAt8oUj1PGAp1gY5C3A10Hdc
.analytics.yahoo.com/	1970-01-20 12:52:49	Name: IDSYNC Value: 18gs~25ps
.krxd.net/	1970-01-20 08:26:25	Name: _kuid_ Value: O7PGYBgp
.demdex.net/	1970-01-20 08:26:25	Name: demdex Value: 39930292892171146602499573488221969328
.dpm.demdex.net/	1970-01-20 08:26:25	Name: dpm Value: 39930292892171146602499573488221969328
.rubiconproject.com/	1970-01-20 12:52:49	Name: khaos Value: L4YDIV62-Z-EDT
.rubiconproject.com/	1970-01-20 12:52:49	Name: audit Value: 1\|UQXsMcRMOlMfLFW/grNIKPTuk/CPid40yj7Zgt+QJvT/kNnCVrpOjChknUBYuE0EeHCAeRNyxmJw0S94mtzOH5XWkKNeFzCML/pcCfse9Tpl7dGFWXPG2fHvhE2xAIW9rexUiTBZc+leOc0wET2qbITvt+0f5jd03vJfe66kgzPQD5U7tEfUTQ==
.4teachers.org/	1970-01-20 21:38:25	Name: __utma Value: 55323060.54147971.1656433141.1656433141.1656433141.1
.4teachers.org/	1969-12-31 23:59:59	Name: __utmc Value: 55323060
.4teachers.org/	1970-01-20 08:30:01	Name: __utmz Value: 55323060.1656433141.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.4teachers.org/	1970-01-20 04:07:13	Name: __utmt Value: 1
.4teachers.org/	1970-01-20 04:07:14	Name: __utmb Value: 55323060.1.10.1656433141
.pubmatic.com/	1970-01-20 04:08:39	Name: KTPCACOOKIE Value: YES
.spotxchange.com/	1970-01-20 12:52:53	Name: audience Value: 0501139f-f6fe-11ec-aec4-19b3ac430503
.pubmatic.com/	1970-01-20 06:16:49	Name: KADUSERCOOKIE Value: A753D9B1-EAE9-4BAC-8C74-93F2E63160BA
.cendantchg.demdex.net/	1970-01-20 08:26:25	Name: cendantchg Value: 39930292892171146602499573488221969328
.pubmatic.com/	1970-01-20 04:50:25	Name: KRTBCOOKIE_1051 Value: 22884-18072662296618092723
.pubmatic.com/	1970-01-20 04:50:25	Name: PugT Value: 1656397881
.tribalfusion.com/	1970-01-20 06:16:49	Name: ANON_ID Value: aEnMQgRZdySaAIUMnYAhrtrZaknBeh9E52tZbmTS1yRf0TAUhAsJZcccWqRrJVCNjxQuKgouKjPW6g8CeutLgTZcS9UZckIMndxlR0DWcu8jYnqF9fGy94aoOfxKSYU3oZbvwfOIs9N655W3LrFjxKFXYZc938KkPrMN
.quantserve.com/	1970-01-20 13:37:27	Name: mc Value: 62bb29f5-4bc92-a5e03-1eef1
.4teachers.org/	1970-01-20 13:31:41	Name: __qca Value: P0-1532156789-1656433141180

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://tags.expo9.exponential.com/tags/4Teachersorg/ROS/tags.js(Line 826) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/displayAd.js?dver=0.9&th=8230918794, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/4Teachersorg/ROS/tags.js(Line 826) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/displayAd.js?dver=0.9&th=8230918794, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/4Teachersorg/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=728x90&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=1&adContainerId=richmedia_2&rnd=13063873, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/4Teachersorg/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=728x90&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=1&adContainerId=richmedia_2&rnd=13063873, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=728x90&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=1&adContainerId=richmedia_2&rnd=13063873(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=728x90&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=1&adContainerId=richmedia_2&rnd=13063873(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=728x90&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=1&adContainerId=richmedia_2&rnd=13063873(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pixel.adsafeprotected.com/jload?anId=8947&advId=762733&campId=14376432&pubId=89230&chanId=10655685&placementId=728x90, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 45) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v90.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 45) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v90.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 100) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/4Teachersorg/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=160x600&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=3&adContainerId=richmedia_4&rnd=13060106, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/4Teachersorg/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=160x600&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=3&adContainerId=richmedia_4&rnd=13060106, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=160x600&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=3&adContainerId=richmedia_4&rnd=13060106(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fw.adsafeprotected.com/rjss/www.googletagservices.com/911106/61851556/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=4teachersorg&adSpace=ros&center=1&size=160x600&env=display&url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&rurl=http%3A%2F%2Frubistar.4teachers.org%2F&f=0&p=13064183&tKey=armneM3cY40FYJUATq4AFh2S7nVp5T6t&a=3&adContainerId=richmedia_4&rnd=13060106(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fw.adsafeprotected.com/rjss/www.googletagservices.com/911106/61851556/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/911106/61851556/dcm/dcmads.js(Line 1011) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fw.adsafeprotected.com/rfw/www.googletagservices.com/911106/61851556/dcm/dcmads.js?adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&adsafe_type=abdq&adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2F&adsafe_type=f&adsafe_jsinfo=,id:11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7,c:gQM1vE,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-74d8c6bddc-nr6cv,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1217.112.1.1,am:s,cc:1137.112.160.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:ta4oEhw+1.911106-61851556%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:1,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:04af0e41-f6fe-11ec-8e63-66e12a68a265,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/911106/61851556/dcm/dcmads.js(Line 1011) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fw.adsafeprotected.com/rfw/www.googletagservices.com/911106/61851556/dcm/dcmads.js?adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&adsafe_type=abdq&adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2F&adsafe_type=f&adsafe_jsinfo=,id:11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7,c:gQM1vE,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-74d8c6bddc-nr6cv,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1217.112.1.1,am:s,cc:1137.112.160.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:ta4oEhw+1.911106-61851556%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:1,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:04af0e41-f6fe-11ec-8e63-66e12a68a265,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/911106/61851556/dcm/dcmads.js?adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&adsafe_type=abdq&adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2F&adsafe_type=f&adsafe_jsinfo=,id:11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7,c:gQM1vE,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-74d8c6bddc-nr6cv,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1217.112.1.1,am:s,cc:1137.112.160.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:ta4oEhw+1.911106-61851556%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:1,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:04af0e41-f6fe-11ec-8e63-66e12a68a265,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0(Line 45) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v90.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/911106/61851556/dcm/dcmads.js?adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2Findex.php&adsafe_type=abdq&adsafe_url=http%3A%2F%2Frubistar.4teachers.org%2F&adsafe_type=f&adsafe_jsinfo=,id:11cf61ea-e3d1-f0ea-26f6-0ff274fb66a7,c:gQM1vE,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-74d8c6bddc-nr6cv,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1217.112.1.1,am:s,cc:1137.112.160.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:ta4oEhw+1.911106-61851556%7C111%7C112%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b,idMap:1,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:04af0e41-f6fe-11ec-8e63-66e12a68a265,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0(Line 45) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v90.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: http://rubistar.4teachers.org/index.php(Line 748) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://rubistar.4teachers.org/index.php(Line 748) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://ad.doubleclick.net/ddm/adi/N477201.8427EXPONENTIALINCTRIBAL/B27006846.331061802;dc_ver=90.264;dc_rxp=1;sz=160x600;u_sd=1;dc_adk=843632054;ord=ifspdv;click=http%3A%2F%2Fa.tribalfusion.com%2Fh.click%2FalmYxvWrb05bEtWq3sVqrcSTYZcQcZbARFItPHjkWsrT2FuroWisXaex2t3DPVbE46JLptAtUWBhYbQaYbfhXa6sRUUATFZb5VWvWobjxQbrqXTYy5EUh5Ev5oaFH1rF8UWB1n6bBmG3podMF5Evg5dmy46jGnFbZcYsrTYGF21VbMnTr23UFVWbjZcV6M5REvQQVZbtQWUO1HJrTmjx3VB1XFnDU6qn2AY8QPFE2HFyXWBApd2o5aTstDq9rRBIwQaxx6BvRHY3WmXNyQj2tQjCiVrgox%2F;dc_rfl=0,http%3A%2F%2Frubistar.4teachers.org%2Findex.php$0;xdt=0;crlt=SwRuuBj3oO;stc=1;sttr=5;prcl=s Message: Refused to execute script from 'https://cendantchg.demdex.net/event?d_event=imp&d_src=141961&d_site=4637988&d_creative=174106002&d_adgroup=523263982&d_placement=331061802&d_campaign=27006846&d_bust=2127588690' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a4.tribalfusion.com
aa.agkn.com
ad.doubleclick.net
ads.yahoo.com
b.scorecardresearch.com
beacon.krxd.net
cdnx.tribalfusion.com
cendantchg.demdex.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
edge.quantserve.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
image6.pubmatic.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
rubistar.4teachers.org
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
simage2.pubmatic.com
static.adsafeprotected.com
sync.search.spotxchange.com
tags.bluekai.com
tags.expo9.exponential.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.googletagservices.com
104.18.18.126
104.36.115.109
107.23.25.2
142.250.80.34
142.250.80.70
142.251.40.226
166.78.24.46
172.64.155.149
18.210.147.45
184.50.205.90
2001:4998:14:800::1000
2600:1f18:1aca:4280:702:b69e:e28a:c3ba
2600:9000:20d1:2200:6:44e3:f8c0:93a1
2600:9000:20d1:8a00:8:48e:53c0:93a1
2606:4700:4400::6812:23ee
2606:4700:4400::ac40:98f5
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81f::2002
2607:f8b0:4006:824::2006
2620:116:800b:21:a021:b886:81cc:55cf
2620:116:800b:21:f059:4f7e:28a9:1588
3.218.90.66
3.223.70.168
35.190.126.92
35.244.159.8
54.187.162.41
54.187.35.166
65.9.149.112
65.9.149.113
65.9.149.65
69.12.8.74
69.173.151.100
8.28.7.81
053a5c6db46bfd18b881398d12d57b4ab89e84d348b70e0d837802075a37a5c4
10cb35a5786ba742e0e5e91c22f42ae9cafa7acdfcab479053cfa8ed8b39adf0
116ab965ebe00608e0a0d81b14bb97e89e25d4e3949b0825438a722865263484
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
157add5d21d145ab9e00a466ef1a1bfd29e61bb495615820d7b213b9603c2dbf
174f70d780e693eb01583c16ec1e7011945c8bf17a2983ca05e88cf0d99af1c2
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ad14ba6a9d78ed9415bcb6c72419851b02688f4f2d206518124dc19e3a531e1
1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
25a928730444a77d63cadb975a27ce1e48783255b12c0c8578e0bcb84f7c0eb7
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
296d2cf190673cacdb8ce73ffacc75fdc3a6a9752ada36ed7c1ab75184546f6a
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2ce23e400795f2042907e26c6420149ab2ea1c1f5dc6103632f6a2f626afd8ba
320a6c4cc24d7dbb1049f1c9f37956f7f5e465c7055ecf48c5d785702b5e5d9c
3235ea90e5c9bb6ebe0861f4832fdce864470c077d292a3779fb5f4281e14dc2
36a0fb9cb2ef3fa04f18fc6d62a71bee1b74779a0fcb95f766194b9b783162cd
373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd
37642281339cd406804496e689bdd9648308fc3917f7eaaf259388f410e27ab5
40a6fde90e5fa4d7aac669a50ca1efd481e15e6672586fb51f636fbcccf26a04
414065eb8bccfeced9386a863dba180b1ab3153b18395b3bd4e855e0ee860f4e
4a570cca371477ee5ba4b99a4e08e38519f4c9258abf1fdc56958de93e29aefe
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
562026c9163e2ca1a55c623f92db7db0ecbe1d1cc5a60992f4bf43eaa48c57ab
595374b4287ac35757c51ffb0e544392397afbc8f4eecc7f6f97a6bcb3b6c18d
5c01f25a62a6d39f4a0a1d879aa4dff56bb2b0e2a153d025a2ad6e12699d562c
5cfe6452430add6815972417b5a0b540bfcf40ea9e12ae88831a54a555f9a751
6068f772db6d8f4e0e456d51650ce409aa2594917f4db4b5c82a08fc1a456256
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
674a5b85b7ff2f122e37fc96addc49b4437708598706e37da19265bb7f43c660
69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b
6c0b4d8190f5741451a1452b5409048f607b151bce97a731bd965de3bf6a8613
6e31b823882096d98e618074051b8939a58b0330544d420bfabd2b9cdaee6eef
74d9c930572cb278dad205dbdbd88b0f6e1bdec828a754ba1dec31a1380fadef
7ad2a7e39dd3e55766cebce07a3aa6bd6c8ec1efaf8575219f460f30a9a2dae7
7dc606be4585fb0adfc94553e94388529c8e1edccc0524f76472c11704bb1f7d
7efe4a12aa898eac3befac6f8759bf67d1bdf408278bc530af60d6ff8a678edc
806f923d83f4c9c91e1854526d2f64314765568f044942f97f3ffedeb47885de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485
8b60052c6c4f6515e5d0826cd4d6188d7be4b9c970135a172fee27da9475b2fa
8d2aa64cf5d8cf0c450e7585fa917cc1f1bfcff08742318eb69ebd3635024c3c
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0
90068f541d975608ff7c36ee8fd9c8819e94fb703be030e0ba7e7a53a9b2023d
9031423e1319503c1a845ee5faff4efe6e50b12ffea223b81426d871b923235b
9271965a8eda49ad2e1e8bdc7eb80ea846f0b7cd5b986b29f4ee38a8b88a3949
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
987b47cd3f7df93fbf1ba840164ef4862058483f327b5a8ad85019a605f36e5e
988e00b9ff040d59d506bc1c5cdad477c9e95883413428e7e38866678350d3ba
9ad06ed608ce1b98c5c263c9d49e91cba8109fc7821606e84d6ef4fc2b9c9661
9f8f1043d061d6571219b6023036184d80fc72f241c35ea1523d9414a922c5d5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a733b5e4dc01daa2cf4a331697f8aef675050ac5d1a47d7a1262aeeb771b4353
aa7fd2448bda49ee08abfc0e2054f1fc902a5a3c29d222dd22c1c4fbad699080
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
becfe54a92dcdab6b0dfb3b7db070d3f10e66732ed62a5ec2840ae3edd8c4b38
c61c733e0d00a507e15ec0854627028d4693565f5f391fe3f314e66462b2d4e5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d98df293637e4f1de6293c903fb21125ad9373764e36d8335c980b62f97da8c0
d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a
da697e4a5654c750168d62ba00fded8a38fd33ac179d8223fbfba9b35175eff1
def299ab070392cdfed2e0720ccdbd8fcc27c70393e34e92ef397db9066d284a
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8a99d2994296d8eb001172f0e70357c57657187ee695e17e53466c1068f0c81
eb3e750c6fab3976f69f16b4f398de3d44e8fb7d596235c25a28df5ddacf48f7
eca9bd350a051713e84ae6980728645b4bcfcf3642b97f2ebfdeb812e3825c71
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c9fc0fa3a18dcc21472927308cf0458a2bda87225597c638e274812f603aa5
f22a7afbef91c1d1b56a5f680e8949f58cd65c62e0fd84f005ca65b393cb6b3c
f5369863a5981c1d3d1c6f6a9221df33c8578015c82b92ea684ecdf96b26dbb0
f5e9aedc836b5666de5e9a8fc4013b4349272463860769fb9066e45e087902a2
f87c43aaa1667f91fc053ab21b43849124f5fae9d343295abe87fbafc6be933b
fa734147f34611707bd1154cd0b7d1dcaf97cb0ad82cadba9128998446b7d4e4
fdc3d10ef68bca3bb20eefe033f3e0f4a3bd7807a69c463b6b0b1576ca41e719
ff6d28eebe8b2c0d36c5d244646eaa0489702f4b7de7038f6f0c291b8d3e90b0

rubistar.4teachers.org Open in urlscan Pro 166.78.24.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

53 %HTTPS

37 %IPv6

24 Domains

38 Subdomains

25 IPs

2 Countries

1656 kBTransfer

2920 kBSize

33 Cookies

12 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rubistar.4teachers.org Open in urlscan Pro
166.78.24.46 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

53 %
HTTPS

37 %
IPv6

24
Domains

38
Subdomains

25
IPs

2
Countries

1656 kB
Transfer

2920 kB
Size

33
Cookies

137 HTTP transactions
0 data transactions