secure01b-bbt.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure01b-bbt.webcindario.com/
Submission: On December 25 via manual (December 25th 2020, 7:05:32 pm UTC) from US

Summary HTTP 274 Redirects Behaviour Indicators

Summary

This website contacted 53 IPs in 11 countries across 56 domains to perform 274 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is secure01b-bbt.webcindario.com.
TLS certificate: Issued by R3 on December 7th 2020. Valid for: 3 months.

This is the only time secure01b-bbt.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Royal Mail (Government)

Domain & IP information

	IP Address	AS Autonomous System
9	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
1	2606:4700:20:... 2606:4700:20::681a:dc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:9200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	34.253.64.195 34.253.64.195	16509 (AMAZON-02) (AMAZON-02)
1	89.255.248.54 89.255.248.54	60626 (LEASEWEBCDN) (LEASEWEBCDN)
1	212.92.55.6 212.92.55.6	24592 (NEXICA-AS) (NEXICA-AS)
6	51.89.234.150 51.89.234.150	16276 (OVH) (OVH)
1	3.131.72.148 3.131.72.148	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:64:... 2a02:26f0:64::210:6b1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3035::6812:3c5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:aa00:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	159.69.60.133 159.69.60.133	24940 (HETZNER-AS) (HETZNER-AS)
1	3.121.50.79 3.121.50.79	16509 (AMAZON-02) (AMAZON-02)
9	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 8	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
6	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
6	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
110	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
3	34.240.209.250 34.240.209.250	16509 (AMAZON-02) (AMAZON-02)
4 4	18.195.240.234 18.195.240.234	16509 (AMAZON-02) (AMAZON-02)
6 21	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 6	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
5 8	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1 4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	52.17.253.7 52.17.253.7	16509 (AMAZON-02) (AMAZON-02)
1 4	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 3	35.161.8.247 35.161.8.247	16509 (AMAZON-02) (AMAZON-02)
3	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
3 3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	139.162.58.205 139.162.58.205	63949 (LINODE-AP...) (LINODE-AP Linode)
3	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
3	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
7 7	18.185.180.173 18.185.180.173	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.162.24 3.120.162.24	16509 (AMAZON-02) (AMAZON-02)
4 8	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1 1	65.9.96.27 65.9.96.27	16509 (AMAZON-02) (AMAZON-02)
1 1	35.210.239.72 35.210.239.72	19527 (GOOGLE-2) (GOOGLE-2)
4 7	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
3	104.111.246.202 104.111.246.202	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3 3	35.176.88.2 35.176.88.2	16509 (AMAZON-02) (AMAZON-02)
6 9	54.88.18.91 54.88.18.91	14618 (AMAZON-AES) (AMAZON-AES)
3 3	185.29.135.42 185.29.135.42	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 7	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
3 4	52.49.20.76 52.49.20.76	16509 (AMAZON-02) (AMAZON-02)
2 4	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
3 6	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
5 8	136.144.49.28 136.144.49.28	54825 (PACKET) (PACKET)
6 6	3.124.119.192 3.124.119.192	16509 (AMAZON-02) (AMAZON-02)
3 6	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
274	53

9 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

secure01b-bbt.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:dc8 (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.64.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-64-195.eu-west-1.compute.amazonaws.com

des.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.255.248.54 (Netherlands)

ASN60626 (LEASEWEBCDN, NL)

img.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.92.55.6 (Spain)

ASN24592 (NEXICA-AS, ES)
PTR: unamed.nexica.net

play.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.234.150 (France)

ASN16276 (OVH, FR)
PTR: ns31195936.ip-51-89-234.eu

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.131.72.148 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-72-148.us-east-2.compute.amazonaws.com

servingcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:64::210:6b1a (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

ads.projectagoraservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6812:3c5e (United States)

ASN13335 (CLOUDFLARENET, US)

projectagora.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:aa00:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.60.133 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.133.60.69.159.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.50.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-50-79.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

projectagora-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

110 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.240.209.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

projectagora-483829-hdb.adomik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.240.234 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 141.226.228.48 (Netherlands) 6 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.148.27.139 (New York, United States) 3 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.17.253.7 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.39 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.161.8.247 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.162.58.205 (Singapore) 3 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.185.180.173 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.162.24 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.102 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.27 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.210.239.72 (Mountain View, United States) 1 redirects

ASN19527 (GOOGLE-2, US)

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.171.173.220 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.246.202 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-246-202.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.67.61 (United States)

ASN15169 (GOOGLE, US)

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.176.88.2 (London, United Kingdom) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-88-2.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.88.18.91 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.42 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.210.112.236 (France) 4 redirects

ASN16276 (OVH, FR)

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.20.76 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.207.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 136.243.148.229 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 136.144.49.28 (Amsterdam, Netherlands) 5 redirects

ASN54825 (PACKET, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.124.119.192 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.79 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
134	taboola.com 6 redirects cdn.taboola.com trc.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com images.taboola.com	1 MB
20	doubleclick.net 11 redirects stats.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	6 KB
12	pubmatic.com 2 redirects hbopenbid.pubmatic.com simage2.pubmatic.com image8.pubmatic.com image2.pubmatic.com	5 KB
9	liadm.com 6 redirects i.liadm.com	5 KB
9	adnxs.com ib.adnxs.com	7 KB
9	webcindario.com secure01b-bbt.webcindario.com	2 MB
8	exelator.com 5 redirects loadm.exelator.com loada.exelator.com	7 KB
8	openx.net 1 redirects projectagora-d.openx.net eu-u.openx.net us-u.openx.net	3 KB
7	onaudience.com 4 redirects pixel.onaudience.com	3 KB
7	crwdcntrl.net 4 redirects sync.crwdcntrl.net	3 KB
7	bidswitch.net 7 redirects x.bidswitch.net	2 KB
6	yahoo.com 3 redirects ups.analytics.yahoo.com	5 KB
6	advertising.com 6 redirects pixel.advertising.com	2 KB
6	1dmp.io 3 redirects sync.1dmp.io	2 KB
6	zeotap.com mwzeom.zeotap.com	2 KB
6	contextweb.com 3 redirects bh.contextweb.com	2 KB
6	smartadserver.com prg.smartadserver.com rtb-csync.smartadserver.com	3 KB
6	adform.net adx.adform.net	5 KB
6	projectagoraservices.com ads.projectagoraservices.com	30 KB
6	sunmedia.tv static.sunmedia.tv services.sunmedia.tv track.sunmedia.tv	60 KB
5	adsrvr.org 5 redirects match.adsrvr.org	2 KB
5	agkn.com 3 redirects js.agkn.com d.agkn.com aa.agkn.com	4 KB
4	rlcdn.com 2 redirects idsync.rlcdn.com	1 KB
4	ml314.com 3 redirects ml314.com	2 KB
4	lijit.com 1 redirects ce.lijit.com	3 KB
4	mfadsrvr.com 4 redirects rtb.mfadsrvr.com	2 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	mookie1.com odr.mookie1.com	536 B
3	bluekai.com tags.bluekai.com	986 B
3	bttrack.com bttrack.com	1 KB
3	appier.net 3 redirects s.c.appier.net	1 KB
3	criteo.com 3 redirects dis.criteo.com	1 KB
3	emxdgt.com e1.emxdgt.com	297 B
3	adkernel.com dsp.adkernel.com	699 B
3	storygize.net 3 redirects www.storygize.net	1 KB
3	rubiconproject.com pixel.rubiconproject.com	717 B
3	adomik.com projectagora-483829-hdb.adomik.com	309 B
3	google-analytics.com www.google-analytics.com	19 KB
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	sunmediaads.com img.sunmediaads.com play.sunmediaads.com	33 KB
2	google.de www.google.de	214 B
2	google.com www.google.com	214 B
1	metadsp.co.uk 1 redirects u.ipw.metadsp.co.uk	257 B
1	smadex.com 1 redirects cm.smadex.com	530 B
1	richaudience.com sync.richaudience.com	3 KB
1	projectagora.net projectagora.net	78 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	servingcdn.net servingcdn.net	9 KB
1	smartclip.net des.smartclip.net
1	quantcount.com rules.quantcount.com	357 B
1	quantserve.com secure.quantserve.com	9 KB
1	googletagmanager.com www.googletagmanager.com	41 KB
1	consensu.org quantcast.mgr.consensu.org
1	miarroba.info hosting.miarroba.info	745 B
0	gumgum.com Failed rtb.gumgum.com Failed
0	id5-sync.com Failed id5-sync.com Failed
274	56

	Domain	Requested by
42	images.taboola.com	cdn.taboola.com secure01b-bbt.webcindario.com
36	cdn.taboola.com	secure01b-bbt.webcindario.com cdn.taboola.com
29	trc.taboola.com	cdn.taboola.com
15	sync.taboola.com	6 redirects
10	cm.g.doubleclick.net	7 redirects
9	i.liadm.com	6 redirects
9	ib.adnxs.com	projectagora.net cdn.taboola.com
9	secure01b-bbt.webcindario.com	secure01b-bbt.webcindario.com
8	ad.doubleclick.net	4 redirects
7	pixel.onaudience.com	4 redirects
7	sync.crwdcntrl.net	4 redirects
7	x.bidswitch.net	7 redirects
6	ups.analytics.yahoo.com	3 redirects
6	pixel.advertising.com	6 redirects
6	loadm.exelator.com	3 redirects
6	sync.1dmp.io	3 redirects
6	mwzeom.zeotap.com	cdn.taboola.com
6	sync-t1.taboola.com
6	bh.contextweb.com	3 redirects
6	hbopenbid.pubmatic.com	projectagora.net
6	adx.adform.net	projectagora.net
6	projectagora-d.openx.net	projectagora.net
6	ads.projectagoraservices.com	cdnjs.cloudflare.com
5	match.adsrvr.org	5 redirects
4	idsync.rlcdn.com	2 redirects
4	ml314.com	3 redirects
4	ce.lijit.com	1 redirects
4	rtb.mfadsrvr.com	4 redirects
4	static.sunmedia.tv	secure01b-bbt.webcindario.com static.sunmedia.tv
3	sync.mathtag.com	3 redirects
3	aa.agkn.com	3 redirects
3	odr.mookie1.com	cdn.taboola.com
3	tags.bluekai.com	cdn.taboola.com
3	cds.taboola.com
3	bttrack.com	cdn.taboola.com
3	s.c.appier.net	3 redirects
3	dis.criteo.com	3 redirects
3	e1.emxdgt.com
3	dsp.adkernel.com	cdn.taboola.com
3	rtb-csync.smartadserver.com
3	www.storygize.net	3 redirects
3	simage2.pubmatic.com
3	pixel.rubiconproject.com	cdn.taboola.com
3	match.taboola.com
3	projectagora-483829-hdb.adomik.com
3	prg.smartadserver.com	projectagora.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	image8.pubmatic.com	1 redirects
2	loada.exelator.com	2 redirects
2	prod.perf-serving.com	2 redirects
2	www.google.de	secure01b-bbt.webcindario.com
2	www.google.com	secure01b-bbt.webcindario.com
2	stats.g.doubleclick.net	www.google-analytics.com
1	us-u.openx.net
1	eu-u.openx.net	1 redirects
1	image2.pubmatic.com	1 redirects
1	u.ipw.metadsp.co.uk	1 redirects
1	cm.smadex.com	1 redirects
1	d.agkn.com	js.agkn.com
1	track.sunmedia.tv
1	sync.richaudience.com	secure01b-bbt.webcindario.com
1	js.agkn.com	secure01b-bbt.webcindario.com
1	projectagora.net	ads.projectagoraservices.com
1	cdnjs.cloudflare.com	servingcdn.net
1	services.sunmedia.tv	static.sunmedia.tv
1	servingcdn.net	img.sunmediaads.com
1	play.sunmediaads.com	img.sunmediaads.com
1	img.sunmediaads.com	secure01b-bbt.webcindario.com
1	des.smartclip.net	secure01b-bbt.webcindario.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googletagmanager.com	secure01b-bbt.webcindario.com
1	quantcast.mgr.consensu.org	secure01b-bbt.webcindario.com
1	hosting.miarroba.info	secure01b-bbt.webcindario.com
0	rtb.gumgum.com Failed
0	id5-sync.com Failed
274	76

This site contains no links.

Subject Issuer	Validity	Valid
webcindario.com R3	`2020-12-07` - `2021-03-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.smartclip.net Amazon	`2020-02-29` - `2021-03-29`	a year	crt.sh
leadzuin.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-13` - `2021-07-13`	a year	crt.sh
*.sunmedia.tv COMODO RSA Domain Validation Secure Server CA	`2018-01-19` - `2021-01-18`	3 years	crt.sh
servingcdn.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-11-06`	a year	crt.sh
paadserver.projectagora.info R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.adomik.com Gandi Standard SSL CA 2	`2020-02-13` - `2021-03-05`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.liadm.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2020-05-28` - `2021-05-28`	a year	crt.sh
*.ml314.com Amazon	`2020-02-17` - `2021-03-17`	a year	crt.sh
sync.1dmp.io Let's Encrypt Authority X3	`2020-11-03` - `2021-02-01`	3 months	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-24` - `2021-04-20`	6 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://secure01b-bbt.webcindario.com/
Frame ID: 59C87DD77463DBD35EAA129EC5770981
Requests: 75 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=264434756&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 97A9C24954424B61BD8255E8BDFD70B0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Frame ID: 1347EA7E4C350B71063DAB73C53CAC94
Requests: 12 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Frame ID: 5FE22E7809DA0DEF640852C8222411E2
Requests: 34 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Frame ID: 4375BE59C5AAFF7C29D7391B3AB84DBA
Requests: 12 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Frame ID: 74E4E09C50D695DB18CCD2B42403FC24
Requests: 34 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Frame ID: 40BF153B00C7645DADB96C337ED40049
Requests: 12 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Frame ID: 1312F336714C1FE3CF121AA257A15C4B
Requests: 34 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0
Frame ID: D2530512E8EBC64778505A521598863F
Requests: 20 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0
Frame ID: D03FB818AC906A2BBB8CAB09816E6323
Requests: 20 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0
Frame ID: 4D2D45D709C7EB81931CB95E6184B1C3
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

274
Requests

99 %
HTTPS

23 %
IPv6

56
Domains

76
Subdomains

53
IPs

11
Countries

3257 kB
Transfer

6358 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0

Request Chain 93

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=5Sf510CMPVs0&ev=1&orig=trc&pid=562107

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICleoawcXgbputz_LeV3V0&google_cver=1

Request Chain 97

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&google_tc=

Request Chain 98

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4

Request Chain 99

https://ce.lijit.com/merge?pid=42&3pid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 101

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73 HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 105

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8

Request Chain 106

https://id5-sync.com/s/464/9.gif?puid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOEHYc2K83iLd2zkdQQC9naUWsZixsuFG1r__YrA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOEHYc2K83iLd2zkdQQC9naUWsZixsuFG1r__YrA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=798826bf-eb57-4f3d-b56b-7d4cbcf24238&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/5/3.gif?puid=69d8b74c23bae79e1c52cc4cdadbc239&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/4/4.gif?puid=90f37b5e-f7a5-4cac-b825-a92f74f81d87&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/3/5.gif?puid=247b4bc1-46e4-11eb-bdce-dee31d69c907&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/112/2/6.gif?puid=237E84286BD9FEA6&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/146/1/7.gif?puid=4c434b91-c71f-4566-a83c-d28f916059f8&gdpr=1&gdpr_consent=

Request Chain 107

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_0EshYM7DdKnRrO49DfmXw

Request Chain 110

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=36126d3c-e782-4008-911c-3a995209d624&ssp=taboola&user_group=1 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892

Request Chain 111

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CPHY_9np6e0CFcHGuwgdEm0L_A;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com

Request Chain 114

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0

Request Chain 116

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=yzY9D8x7nvvp&ev=1&orig=trc&pid=562107

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICC2z9mVVmxempDJJdoRdQ&google_cver=1

Request Chain 119

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

Request Chain 120

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4

Request Chain 122

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8

Request Chain 123

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=LDWUHpa7AIWm_tNH9DfmXw

Request Chain 125

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=taboola&bds_param=53be2757-73f1-4083-8387-f039dcc38892 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=fdafee33-e048-4b7f-818d-bd5d3c8ef989&expires=10&ssp=taboola&bsw_param=53be2757-73f1-4083-8387-f039dcc38892 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892

Request Chain 132

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73 HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 135

https://id5-sync.com/s/464/9.gif?puid=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/6/2.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/6/2.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/6/2.gif?puid=69d8b74c23bae79e1c52cc4cdadbc239&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/5/3.gif?puid=c152d927-f738-4aa9-9ceb-5a8bf163e2ef&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/4/4.gif?puid=247b4bc1-46e4-11eb-bdce-dee31d69c907&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/112/3/5.gif?puid=1347BAB4B3B05455&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/146/2/6.gif?puid=4c434b91-c71f-4566-a83c-d28f916059f8&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F398%2F1%2F7.gif%3Fpuid%3D%24%7Bbase64_profileid%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjYzRjZGFkYmMyMzk&google_redir=https://id5-sync.com/c/464/398/1/7.gif?puid=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjYzRjZGFkYmMyMzk&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/398/1/7.gif?puid=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjYzRjZGFkYmMyMzk&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F0%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 140

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0

Request Chain 142

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9oqCPxxAgGB7&ev=1&orig=trc&pid=562107

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICC2z9mVVmxempDJJdoRdQ&google_cver=1

Request Chain 145

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

Request Chain 146

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4

Request Chain 148

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8

Request Chain 149

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=WLPL6wnxCTCuRUwG9DfmXw

Request Chain 151

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=53be2757-73f1-4083-8387-f039dcc38892&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=53be2757-73f1-4083-8387-f039dcc38892 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892

Request Chain 158

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 161

https://id5-sync.com/s/464/9.gif?puid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/6/2.gif?puid=ebfdb4b5-7b06-49e6-89d2-0352a6661122&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/5/3.gif?puid=247b4bc1-46e4-11eb-bdce-dee31d69c907&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F4%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F4%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/112/4/4.gif?puid=F42938D77227E039&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F3%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F3%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F3%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/146/3/5.gif?puid=4c434b91-c71f-4566-a83c-d28f916059f8&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F398%2F2%2F6.gif%3Fpuid%3D%24%7Bbase64_profileid%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjYzRjZGFkYmMyMzk&google_redir=https://id5-sync.com/c/464/398/2/6.gif?puid=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjYzRjZGFkYmMyMzk&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/398/2/6.gif?puid=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjYzRjZGFkYmMyMzk&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/1/7.gif?puid=e_4495d61a-eaa6-4e2a-b07e-9f5c8252e1f6&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=69d8b74c23bae79e1c52cc4cdadbc239&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/485/0/8.gif?puid=30582427864988804148535671688645960914&gdpr=1&gdpr_consent=

Request Chain 172

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CID-kNrp6e0CFYq43godCkgEsw;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com

Request Chain 174

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

Request Chain 178

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900503646000996782

Request Chain 179

https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 303
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_li_chk=true&previous_uuid=35904d4e82204153bff717bf8cf3736d HTTP 303
https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F32441%2F0%2F279afebde0304d15bba7e1875c7624cd%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&35904d4e-8220-4153-bff7-17bf8cf3736d&bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&previous_uuid=279afebde0304d15bba7e1875c7624cd HTTP 302
https://i.liadm.com/s/e/32441/0/279afebde0304d15bba7e1875c7624cd?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334

Request Chain 180

https://pixel.onaudience.com/?partner=137085097&mapped=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&mapped=69d8b74c23bae79e1c52cc4cdadbc239 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=8412426b-3c20-4bf5-9846-4fa8475af5f4&icm

Request Chain 181

https://ml314.com/utsync.ashx?eid=50077&et=0&fp=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3615491852978356316 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNTQ5MTg1Mjk3ODM1NjMxNhAAGg0I9e-Y_wUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=be33285b070a3a1ad5a126949f46cc28f4edaefe60689ff2c608e6736d9f9d1cf4cb09cee1a4f8eb&person_id=3615491852978356316&eid=50082

Request Chain 182

https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1

Request Chain 183

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1

Request Chain 185

https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a7e4-46e4-11eb-aa93-025ff526da38 HTTP 302
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a7e4-46e4-11eb-aa93-025ff526da38&verify=true

Request Chain 192

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

Request Chain 196

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603646000996835

Request Chain 197

https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 303
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_li_chk=true&previous_uuid=e9c8e1c1950b42d2be08c9815c6d5c62 HTTP 303
https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F32441%2F0%2F33a3b852fcc647fabc56f457eef85480%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&e9c8e1c1-950b-42d2-be08-c9815c6d5c62&bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&previous_uuid=33a3b852fcc647fabc56f457eef85480 HTTP 302
https://i.liadm.com/s/e/32441/0/33a3b852fcc647fabc56f457eef85480?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334

Request Chain 198

https://pixel.onaudience.com/?partner=137085097&mapped=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26mapped%3D%25%25UID%25%25 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&mapped=a55d5be2bbb9ffc08b8f81c3bd9e9a7b

Request Chain 199

https://ml314.com/utsync.ashx?eid=50077&et=0&fp=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3615491852971540574

Request Chain 200

https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1

Request Chain 201

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1

Request Chain 203

https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028 HTTP 302
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028&verify=true

Request Chain 206

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=COq2ktrp6e0CFbTJuwgdnH4D9g;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com

Request Chain 217

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

Request Chain 221

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603646000996835

Request Chain 222

https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 303
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_li_chk=true&previous_uuid=d5ec6d8580f84b0eabc58f88953b4ee6 HTTP 303
https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F32441%2F0%2Fea2a8dd436cc48da801763ae9812abfb%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&d5ec6d85-80f8-4b0e-abc5-8f88953b4ee6&bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&previous_uuid=ea2a8dd436cc48da801763ae9812abfb HTTP 302
https://i.liadm.com/s/e/32441/0/ea2a8dd436cc48da801763ae9812abfb?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334

Request Chain 223

https://pixel.onaudience.com/?partner=137085097&mapped=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26mapped%3D%25%25UID%25%25 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&mapped=a55d5be2bbb9ffc08b8f81c3bd9e9a7b

Request Chain 224

https://ml314.com/utsync.ashx?eid=50077&et=0&fp=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3615491853231063045

Request Chain 225

https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1

Request Chain 226

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73 HTTP 302
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1

Request Chain 228

https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028 HTTP 302
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028&verify=true

Request Chain 231

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CMbBldrp6e0CFUnAuwgdMtYEzA;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com

Request Chain 271

https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEYwMkU5MjItQ0ZFRi00RkI3LThCMkUtMzM0NUFDRTc3NjhG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 272

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIpO05IW9CtEK2NV0QxDFH4&google_cver=1

274 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secure01b-bbt.webcindario.com/ 9 KB
3 KB 150ms
55ms Document
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 3570c0b18a3cf142208724ae1e4d802394bed4fc5c2cd1ebaa37f9ca0379671f

Request headers

:method: GET
:authority: secure01b-bbt.webcindario.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Fri, 25 Dec 2020 19:05:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: __muid=92a1dc2d82e0b4155681145218e90ef90abd6dae; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly
x-powered-by: Webcindario Hosting Service
content-encoding: gzip

GET
H2 200 b1.png
secure01b-bbt.webcindario.com/images/ 18 KB
18 KB 82ms
81ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure01b-bbt.webcindario.com/images/b1.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 4d6162cb417633e25e6d0793bfad0073a7e979c26b20d79a1db660a5e1dc829b

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
last-modified: Thu, 24 Dec 2020 15:20:46 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5fe4b1ce-4936"
content-type: image/png
accept-ranges: bytes
content-length: 18742

GET
H2 200 b2.png
secure01b-bbt.webcindario.com/images/ 791 KB
792 KB 82ms
81ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure01b-bbt.webcindario.com/images/b2.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 9972169f999912ceec5c30e2ab137849f9814b1e89f7ccffc34f77960ab24e44

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
last-modified: Thu, 24 Dec 2020 15:27:28 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5fe4b360-c5bf2"
content-type: image/png
accept-ranges: bytes
content-length: 809970

GET
H2 200 b3.png
secure01b-bbt.webcindario.com/images/ 4 KB
4 KB 79ms
76ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure01b-bbt.webcindario.com/images/b3.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 6e32828af19e5c6008e0b3a70816154d630da686054cd315ba9d2df96ea30739

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
last-modified: Wed, 26 Aug 2020 15:34:52 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5f46811c-e81"
content-type: image/png
accept-ranges: bytes
content-length: 3713

GET
H2 200 b5.png
secure01b-bbt.webcindario.com/images/ 103 KB
104 KB 79ms
77ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure01b-bbt.webcindario.com/images/b5.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 11a96bafc89b47647ee18ddb1c4ab1083a83062ae6e324636db5b5184e522ebb

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
last-modified: Wed, 26 Aug 2020 15:35:22 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5f46813a-19cf9"
content-type: image/png
accept-ranges: bytes
content-length: 105721

GET
H2 200 b6.png
secure01b-bbt.webcindario.com/images/ 566 KB
566 KB 79ms
77ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure01b-bbt.webcindario.com/images/b6.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: d473b28534c5c4f5392e248e29d83238211e06dfe8f004d18d82e530bb6b3dce

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
last-modified: Wed, 26 Aug 2020 15:36:08 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5f468168-8d68c"
content-type: image/png
accept-ranges: bytes
content-length: 579212

GET
H2 200 b7.png
secure01b-bbt.webcindario.com/images/ 24 KB
24 KB 79ms
77ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure01b-bbt.webcindario.com/images/b7.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: da3e44c512dcca7b2f1022af09bac0ce9771c28aaf33d9e8681255ec016093d4

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
last-modified: Wed, 26 Aug 2020 15:36:50 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5f468192-5ef9"
content-type: image/png
accept-ranges: bytes
content-length: 24313

GET
H2 200 b8.png
secure01b-bbt.webcindario.com/images/ 57 KB
57 KB 79ms
77ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure01b-bbt.webcindario.com/images/b8.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 4b6b8041e1825b26316a0c83a84a6f0b6478d915a5ec768e58a616c1c26adbd4

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
last-modified: Wed, 26 Aug 2020 15:37:12 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5f4681a8-e42f"
content-type: image/png
accept-ranges: bytes
content-length: 58415

GET
H2 200 b4.png
secure01b-bbt.webcindario.com/images/ 870 B
1022 B 79ms
78ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure01b-bbt.webcindario.com/images/b4.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 33783ebe3b85449f292389f603bf1d95cecefb03ad3ba36a78527c6a6af42506

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
last-modified: Wed, 26 Aug 2020 15:35:06 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5f46812a-366"
content-type: image/png
accept-ranges: bytes
content-length: 870

GET
H2 200 / Show response
hosting.miarroba.info/ 0
745 B 173ms
155ms Script
application/javascript 2606:4700:20::681a:dc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=92a1dc2d82e0b4155681145218e90ef90abd6dae&h=2046645&t=1608923112&k=fed00b366be2406745b92125259964b3
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cf-request-id: 073ce37a870000175e26344000000001
pragma: no-cache
last-modified: Fri, 25 Dec 2020 19:05:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ag2vIu6BacOySMXQdretT2RupjNM1cMCRwqu00EkXm2SaOqdiEQy8QEMnZgjXmngqrxmxNWnOvgetVqa%2Feo7RLJuprsA5FZamG3MXCfTa0kytBp1pNThW%2BFW4V%2F28vNAKj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=iso-8859-1
cache-control: no-cache
cf-ray: 6074d50a7eb0175e-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 403 choice.js
quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/secure01b-bbt.webcindario.com/ 0
0 50ms
33ms Script
text/html 2600:9000:2156:9200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/secure01b-bbt.webcindario.com/choice.js
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 18:59:28 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Thu, 21 May 2020 21:03:42 GMT
server: AmazonS3
age: 1156
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-type: text/html
cache-control: public, max-age=7200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: bF553UIAVF-9zbj3ds6lrjwKLn3C85-Q8PJt1Rtg30F4CZcfnz-wWA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
41 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

620c53ec2b581b075b9003f2ec873fd8148dd5abbadd6b1fcefd0f83ef234c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41425
x-xss-protection: 0
last-modified: Fri, 25 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Dec 2020 19:05:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4478
date: Fri, 25 Dec 2020 17:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 25 Dec 2020 19:50:34 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 24ms
7ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 01 Jan 2021 19:05:12 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
75 B 14ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=472700466&t=pageview&_s=1&dl=https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Log%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABCAAAAC~&jid=934564512&gjid=1715992987&cid=1895500992.1608923112&tid=UA-597118-7&_gid=1972664269.1608923112&_r=1&gtm=2wgbu0T2VG59&z=975981897

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=472700466&t=pageview&_s=1&dl=https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Log%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABCAAAAC~&jid=2131647839&gjid=839474754&cid=1895500992.1608923112&tid=UA-597118-1&_gid=1972664269.1608923112&_r=1&gtm=2wgbu0T2VG59&z=353735144

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-d5x2uDVHd7ALE.js Show response
rules.quantcount.com/ 3 B
357 B 35ms
10ms Script
application/x-javascript 2600:9000:2127:400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 14:12:12 GMT
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:57:48 GMT
server: AmazonS3
age: 25799
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: kUezTBIwvj7q8TviVDaCs2sc0UMWub21yGldfQqV2GtzaWPR581Yvg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
99 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-597118-7&cid=1895500992.1608923112&jid=934564512&gjid=1715992987&_gid=1972664269.1608923112&_u=YEBAAAAACAAAAC~&z=586841062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Dec 2020 19:05:12 GMT
content-type: text/plain
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-597118-1&cid=1895500992.1608923112&jid=2131647839&gjid=839474754&_gid=1972664269.1608923112&_u=YEDAAAABCAAAAC~&z=203157122

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Dec 2020 19:05:12 GMT
content-type: text/plain
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-7&cid=1895500992.1608923112&jid=934564512&_u=YEBAAAAACAAAAC~&z=1845007698

Requested by

Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 22ms
22ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-7&cid=1895500992.1608923112&jid=934564512&_u=YEBAAAAACAAAAC~&z=1845007698

Requested by

Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-1&cid=1895500992.1608923112&jid=2131647839&_u=YEDAAAABCAAAAC~&z=495727687

Requested by

Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-1&cid=1895500992.1608923112&jid=2131647839&_u=YEDAAAABCAAAAC~&z=495727687

Requested by

Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 ads Show response
des.smartclip.net/ 0
0 116ms
37ms Script
application/xml 34.253.64.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://des.smartclip.net/ads?type=dyn&plc=75133&elementId=92a1dc2d82e0b4155681145218e90ef90abd6dae&sz=400x320&rnd=29018065
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.64.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-64-195.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true

GET
H2 200 lz_loader.js Show response
img.sunmediaads.com/ads/ 112 KB
32 KB 386ms
314ms Script
text/javascript 89.255.248.54
LEASEWEBCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.255.248.54 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software: leasewebcdn/5.4.2 /
Resource Hash: 7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:12 GMT
content-encoding: gzip
cdn-cache-hit: 0
last-modified: Sun, 05 Apr 2020 16:15:53 GMT
server: leasewebcdn/5.4.2
etag: W/"657864920"
content-type: text/javascript
cdn-cache: MISS
cache-control: max-age=0
cdn-node: AMS1-SO01004
expires: Fri, 25 Dec 2020 19:05:12 GMT

GET
H/1.1 200
OK zone.php Show response
play.sunmediaads.com/red/ 516 B
879 B 309ms
53ms Script
text/html 212.92.55.6
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=4578603220.6689032874455054
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.92.55.6 , Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS: unamed.nexica.net
Software: Apache /
Resource Hash: 43b9d30c68e6583a9fd1779713362522eb175ccb318e252387f3e955156acee6

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:12 GMT
Server: Apache
Connection: close
Content-Length: 516
Content-Type: text/html; charset=UTF-8

GET
H2 200 8c4105a4-90ec-434c-bf14-82b194e3019f.js Show response
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/ 181 KB
51 KB 110ms
34ms Script
application/javascript 51.89.234.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31195936.ip-51-89-234.eu
Software: nginx /
Resource Hash: 688d136306f3b37ca1bb0fff96c65d0e6fb1f23ed44c1873d5afe8b7dbbcad28

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:13 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 14:17:10 GMT
server: nginx
age: 333182
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 51809
accept-ranges: bytes
x-device: mobile

GET
H2 200 / Show response
servingcdn.net/ 28 KB
9 KB 351ms
120ms Script
application/javascript 3.131.72.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.72.148 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-72-148.us-east-2.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: e5c39ad732b2bd59a4f7fcfba22b111b16b5e2136937259a7a9a12e62b345020

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:13 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: Express
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: -1

GET
H2 200 geocity.php Show response
services.sunmedia.tv/geotarget/ 465 B
718 B 103ms
34ms XHR
application/json 51.89.234.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/geocity.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31195936.ip-51-89-234.eu
Software: nginx /
Resource Hash: 3f0bcd618a7d3c5da442f97ae65f9ebb16fe2cfb0a6f8f65861db5e3285e2ef6

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:13 GMT
tp-cache: HIT
server: nginx
age: 194
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 465

GET
H2 200 inhome-1-0.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
3 KB 101ms
34ms XHR
application/json 51.89.234.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/inhome-1-0.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31195936.ip-51-89-234.eu
Software: nginx /
Resource Hash: e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:13 GMT
tp-cache: HIT
last-modified: Tue, 01 Dec 2020 14:41:43 GMT
server: nginx
age: 333191
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 2788
accept-ranges: bytes
x-device: mobile

GET
H2 200 outstream.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
3 KB 102ms
35ms XHR
application/json 51.89.234.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31195936.ip-51-89-234.eu
Software: nginx /
Resource Hash: 1b7b30e5d39ee70ff4346e1a6866466a63ac691d2d47233c35b0a739666f2920

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:13 GMT
tp-cache: HIT
last-modified: Fri, 16 Oct 2020 16:17:06 GMT
server: nginx
age: 333192
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 2845
accept-ranges: bytes
x-device: mobile

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 34ms
33ms Script
application/javascript 51.89.234.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?ref=https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31195936.ip-51-89-234.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:13 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 261939
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: mobile
accept-ranges: bytes
content-length: 1634

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 768595
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 5117
cf-request-id: 073ce37f870000c795bc216000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0Srpoi7HF8jNyDNIrkSLQdtzaSg%2BGwEJ5eNMwqV5kjLpz5ZzF0B8ornWlhpZpX3FR6uezCPmgYKMzwPJvl%2Fw1KFsyJwM1fW5a6wQYyBP8DQz1Oz5z4NyrJ3jWYd%2BetgMFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6074d5127dafc795-AMS
expires: Wed, 15 Dec 2021 19:05:13 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 22 KB
6 KB 28ms
8ms Script
application/javascript 2a02:26f0:64::210:6b1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5734
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6b1a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:14 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 6280
expires: Fri, 25 Dec 2020 19:05:14 GMT

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ 269 KB
78 KB 45ms
25ms Script
application/javascript 2606:4700:3035::6812:3c5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5734
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3c5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33f8c271b704a3a06db5ef14daa0a3b18e35643df7678ca1128e7500dc5728f

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3453
x-amz-request-id: 1C0BB82659703273
x-amz-id-2: f2ohlazMYHd1sO748UOacqmBaHlgPkG4cgIu0XKpMiotASccY297XIlnZM9UtYJG9z3h8FdmAV8=
last-modified: Wed, 14 Oct 2020 14:40:15 GMT
server: cloudflare
etag: W/"0926c1cca7636a4e7a577e89f647addf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QvFkcKgZsAeLCNy610sZsAjj1ZSpX%2BBPE8di3tJsOx97DIhEl7nLpK4wxB3avgO3PFZVLkkfUvR44vuotnduHsFmwBfNOPhtByL6vp4KYNKEyY8TSLSC%2FcTI442W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 073ce383bb0000c2f4fa03b000000001
cf-ray: 6074d5192d1fc2f4-FRA

GET
H2 200 / Show response
ads.projectagoraservices.com/ 14 KB
4 KB 7ms
6ms Script
application/javascript 2a02:26f0:64::210:6b1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5719
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6b1a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:14 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3724
expires: Fri, 25 Dec 2020 19:05:14 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 22 KB
6 KB 7ms
7ms Script
application/javascript 2a02:26f0:64::210:6b1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5734
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6b1a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:14 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 6280
expires: Fri, 25 Dec 2020 19:05:14 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 14 KB
4 KB 7ms
6ms Script
application/javascript 2a02:26f0:64::210:6b1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5719
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6b1a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:14 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3724
expires: Fri, 25 Dec 2020 19:05:14 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 22 KB
6 KB 8ms
7ms Script
application/javascript 2a02:26f0:64::210:6b1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5734
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6b1a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:14 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 6280
expires: Fri, 25 Dec 2020 19:05:14 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 14 KB
4 KB 7ms
6ms Script
application/javascript 2a02:26f0:64::210:6b1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5719
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6b1a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:14 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3724
expires: Fri, 25 Dec 2020 19:05:14 GMT

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 31ms
6ms Script
application/javascript 2600:9000:206f:aa00:15:efbc:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:aa00:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 05:59:48 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 20:22:52 GMT
server: AmazonS3
age: 47128
etag: "f53f55cbab099be3a970b446a66c496a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: 7K0Tx9W6kUoBDlmVvjLBmSLf-jCTcASTyM7uN-ulRFA8sBQxNmnfSg==

GET
H/1.1 200
OK / Show response
sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ 3 KB
3 KB 89ms
29ms Script
text/javascript 159.69.60.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.60.133 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.60.69.159.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: ae54018f777765f8c4ae2511b16af69d01f891eecb7b1ae01955ef2369c625e4

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:15 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 35ms
33ms Image
image/gif 51.89.234.150
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=no-pos&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31195936.ip-51-89-234.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:15 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 261941
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame 97A9 0
0 24ms
24ms Document
text/html 3.121.50.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=264434756&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.50.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-50-79.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure01b-bbt.webcindario.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure01b-bbt.webcindario.com/

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Fri, 25 Dec 2020 19:05:15 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AdHFhPHSmna%2BRgIbO11KbOHdRfKvY5bp2;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C|0AEAnePRrJ3j0awAAAAAAAg1RAQCADVIBAIA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length: 481
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
847 B 71ms
23ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2087a4e9d8db7289c982949c16f28e5d36d4e14def7dc6126b7ec154c4036bf9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:22 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.147:80
AN-X-Request-Uuid: d083e52d-82a0-42c3-ac32-81a3da8a7448
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://secure01b-bbt.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
567 B 67ms
30ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=33481a37-2f0f-42f2-aef8-ae22058f993c&nocache=1608923122489&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x250&divIds=17556235_indice-h.webcindario.com_ros_300x250&auid=541069148
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: cac1cffb1f7ee381952ac307a2390f184712b5b7a22b66b82c6e75e376957aea

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
458 B 358ms
298ms XHR
application/json 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MSZ0cmFuc2FjdGlvbklkPTMzNDgxYTM3LTJmMGYtNDJmMi1hZWY4LWFlMjIwNThmOTkzYw%3D%3D&pt=gross&stid=434ad1e0-2539-408d-8408-c351087e0481&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
69 B 95ms
62ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://secure01b-bbt.webcindario.com
date: Fri, 25 Dec 2020 19:05:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
726 B 68ms
24ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:22 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.26:80
AN-X-Request-Uuid: 7c90b633-3946-4893-b38e-38523e4e1124
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://secure01b-bbt.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 171 B
353 B 64ms
31ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=88290a8b-4d46-4be7-8c41-2faf345c635a&nocache=1608923122494&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x600&divIds=17556238_indice-h.webcindario.com_ros_300x600&auid=541069149
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: 43be4c490263685dbe90bd202cc46cbb42269c0c446df4ccd620b80a7250aa9a

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
69 B 139ms
109ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://secure01b-bbt.webcindario.com
date: Fri, 25 Dec 2020 19:05:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 93ms
42ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:21 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
2 KB 355ms
300ms XHR
application/json 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MyZ0cmFuc2FjdGlvbklkPTg4MjkwYThiLTRkNDYtNGJlNy04YzQxLTJmYWYzNDVjNjM1YQ%3D%3D&pt=gross&stid=8eb9061c-d2b0-46dd-90a2-1a1ec3963bd7&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

37fe35111d7c5111b64cb763dee7012e6d745754661a8873fe00c447e0b05b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
125 B 85ms
57ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://secure01b-bbt.webcindario.com
date: Fri, 25 Dec 2020 19:05:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
848 B 95ms
51ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

436260ec7b1acf3af87e7e2e8afd28cef5c66bc601f76e5e1932b521786f446b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:22 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.149:80
AN-X-Request-Uuid: cd33978f-06ba-4891-90d9-72337aec61ed
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://secure01b-bbt.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
357 B 59ms
30ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=126d5347-a86b-4f7e-8a10-d5de11d7dfa8&nocache=1608923122499&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x250&divIds=17556235_indice-h.webcindario.com_ros_300x250&auid=541069148
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: 762dea92c558768a1b330ae7f2c91e4c93b42644627a097beab3c10f84a70f0d

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
457 B 355ms
303ms XHR
application/json 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MSZ0cmFuc2FjdGlvbklkPTEyNmQ1MzQ3LWE4NmItNGY3ZS04YTEwLWQ1ZGUxMWQ3ZGZhOA%3D%3D&pt=gross&stid=e16caad0-0c9e-41a2-a7de-26044e656437&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
69 B 82ms
58ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://secure01b-bbt.webcindario.com
date: Fri, 25 Dec 2020 19:05:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
2 KB 373ms
323ms XHR
application/json 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MyZ0cmFuc2FjdGlvbklkPWM1NTgxZWViLWQzMzctNDNiZS04ZGM1LWNhMzExNDgyMjM2Mw%3D%3D&pt=gross&stid=d20853f8-77cd-4b5c-98eb-4bfa7ab1b12e&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d76cc60f0972cd43f90f0ee51846797c65b09dd1d2ed0435263401133a25a159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
354 B 55ms
30ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=c5581eeb-d337-43be-8dc5-ca3114822363&nocache=1608923122502&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x600&divIds=17556238_indice-h.webcindario.com_ros_300x600&auid=541069149
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: cc9fb73b14fad55cd992a089faa6c45d2b2c1b0af1d3b715a8f774a7fe0e9e1c

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 74ms
26ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
726 B 68ms
24ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:22 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.11:80
AN-X-Request-Uuid: d06fb8b2-ccc1-463f-8d15-617134913d38
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://secure01b-bbt.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
354 B 33ms
32ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=a83d484b-06d4-4d81-b02e-43280f71cc7e&nocache=1608923122850&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x250&divIds=17556235_indice-h.webcindario.com_ros_300x250&auid=541069148
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: b3c139af9f5317dd4721da555d325dce2e70e82c66a71999b7f9c643db4d98fa

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
457 B 75ms
75ms XHR
application/json 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MSZ0cmFuc2FjdGlvbklkPWE4M2Q0ODRiLTA2ZDQtNGQ4MS1iMDJlLTQzMjgwZjcxY2M3ZQ%3D%3D&pt=gross&stid=95db6820-bad4-4c67-9174-205e09514a09&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
69 B 101ms
101ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://secure01b-bbt.webcindario.com
date: Fri, 25 Dec 2020 19:05:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
846 B 25ms
25ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ea1016daa8463fb67914a198f8cb8403d90e4fa381b9fcd5a195947aa01bc4ca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:22 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.47:80
AN-X-Request-Uuid: ac080beb-3cbf-4eb6-9614-6242fe8609f8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://secure01b-bbt.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/ Frame 1347 69 KB
19 KB 174ms
126ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef913f1b1f2132ba1e2ec53822307ae9fec4f6689efed38796061f49dc4ba8e8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: R2ey6uncAt.VOugqnzs5DxmYMgUU3fRa
content-encoding: gzip
etag: "0dcf00dd2ff80a4aa244a99ef68a9bf1"
age: 0
x-cache: HIT
content-length: 19197
x-amz-id-2: NYCY1IDKR56VlVScg5T9gw5M9TNK/0hm6TFRTL09N99jjpwWvmwijpohDO/a5fate2Zq3sd79N0=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 14:17:30 GMT
server: AmazonS3
x-timer: S1608923123.910632,VS0,VE98
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 2501A56B07AF5740
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 3

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 153ms
34ms Image
text/plain 34.240.209.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiOTVkYjY4MjAtYmFkNC00YzY3LTkxNzQtMjA1ZTA5NTE0YTA5IiwiaG9zdG5hbWUiOiJzZWN1cmUwMWItYmJ0LndlYmNpbmRhcmlvLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiQURGT1JNIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=95db6820-bad4-4c67-9174-205e09514a09&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.209.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 25 Dec 2020 19:05:22 GMT
Server: nginx

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
726 B 26ms
26ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:22 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.40:80
AN-X-Request-Uuid: 14129e73-8fed-42ad-aa74-c6970ebe8ea5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://secure01b-bbt.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
69 B 49ms
49ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://secure01b-bbt.webcindario.com
date: Fri, 25 Dec 2020 19:05:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 25ms
25ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
359 B 29ms
28ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=8cceb012-60b1-4e7b-b581-e15cc3c8c085&nocache=1608923122862&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x600&divIds=17556238_indice-h.webcindario.com_ros_300x600&auid=541069149
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: 6f5d526c6f8223bf31c049316789622f8ea942e3f74d2578c25ea5ea52d21480

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
457 B 107ms
107ms XHR
application/json 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MyZ0cmFuc2FjdGlvbklkPThjY2ViMDEyLTYwYjEtNGU3Yi1iNTgxLWUxNWNjM2M4YzA4NQ%3D%3D&pt=gross&stid=73cf483d-e0f8-4799-89a7-e255bc9ec208&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/ Frame 5FE2 69 KB
19 KB 162ms
125ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 365365fe04f0a45a2ace05b4e47705eb0a9cdbc9a91310673efa51a0e2771e63

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: xAlg24rFhrrYs1x96nwS0QXfwG9g0Im2
content-encoding: gzip
etag: "36d4a1ea38aed7fd672ba7cf7384b2ac"
age: 0
x-cache: HIT
content-length: 19195
x-amz-id-2: YYhgyIstIE4EiwtvNHVLWhdYMfX+2BP/BXUO4xkspu46QmDU0Dm3/eO26ddIuTc578nb6MLY3qM=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 14:09:12 GMT
server: AmazonS3
x-timer: S1608923123.910582,VS0,VE100
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 594019F4018E7B5B
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 3

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 144ms
33ms Image
text/plain 34.240.209.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNzNjZjQ4M2QtZTBmOC00Nzk5LTg5YTctZTI1NWJjOWVjMjA4IiwiaG9zdG5hbWUiOiJzZWN1cmUwMWItYmJ0LndlYmNpbmRhcmlvLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJBREZPUk0ifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX0seyJwbGFjZW1lbnRDb2RlIjoiMTc1NTYyMzhfaW5kaWNlLWgud2ViY2luZGFyaW8uY29tX3Jvc18zMDB4NjAwIiwic2l6ZXMiOlt7IndpZHRoIjozMDAsImhlaWdodCI6NjAwfV0sImV2ZW50cyI6eyJyZXF1ZXN0cyI6W10sInJlc3BvbnNlcyI6W3siYmlkZGVyIjoiQURGT1JNIiwicGxhY2VtZW50Q29kZSI6IjE3NTU2MjM4X2luZGljZS1oLndlYmNpbmRhcmlvLmNvbV9yb3NfMzAweDYwMCIsImlkIjoiNTUwMTYyMWRlYjI2ODdjIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMDg1MDk5MzUwMTYwMTc2OTUsInNpemUiOnsid2lkdGgiOjMwMCwiaGVpZ2h0Ijo2MDB9LCJ0aW1lVG9SZXNwb25kIjozNjcsImFmdGVyVGltZW91dCI6ZmFsc2V9LHsiYmlkZGVyIjoiQURGT1JNIiwicGxhY2VtZW50Q29kZSI6IjE3NTU2MjM4X2luZGljZS1oLndlYmNpbmRhcmlvLmNvbV9yb3NfMzAweDYwMCIsImlkIjoiNTUwMTYyMWRlYjI2ODdjIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMDg1MDk5MzUwMTYwMTc2OTUsInNpemUiOnsid2lkdGgiOjMwMCwiaGVpZ2h0Ijo2MDB9LCJ0aW1lVG9SZXNwb25kIjozNjcsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=73cf483d-e0f8-4799-89a7-e255bc9ec208&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.209.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 25 Dec 2020 19:05:22 GMT
Server: nginx

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/ Frame 4375 69 KB
19 KB 160ms
126ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef913f1b1f2132ba1e2ec53822307ae9fec4f6689efed38796061f49dc4ba8e8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: R2ey6uncAt.VOugqnzs5DxmYMgUU3fRa
content-encoding: gzip
etag: "0dcf00dd2ff80a4aa244a99ef68a9bf1"
age: 0
x-cache: HIT
content-length: 19197
x-amz-id-2: NYCY1IDKR56VlVScg5T9gw5M9TNK/0hm6TFRTL09N99jjpwWvmwijpohDO/a5fate2Zq3sd79N0=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 14:17:30 GMT
server: AmazonS3
x-timer: S1608923123.910622,VS0,VE98
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 2501A56B07AF5740
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 3

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/ Frame 74E4 69 KB
19 KB 149ms
125ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 365365fe04f0a45a2ace05b4e47705eb0a9cdbc9a91310673efa51a0e2771e63

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: xAlg24rFhrrYs1x96nwS0QXfwG9g0Im2
content-encoding: gzip
etag: "36d4a1ea38aed7fd672ba7cf7384b2ac"
age: 0
x-cache: HIT
content-length: 19195
x-amz-id-2: YYhgyIstIE4EiwtvNHVLWhdYMfX+2BP/BXUO4xkspu46QmDU0Dm3/eO26ddIuTc578nb6MLY3qM=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 14:09:12 GMT
server: AmazonS3
x-timer: S1608923123.910594,VS0,VE100
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 594019F4018E7B5B
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 3

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 135ms
35ms Image
text/plain 34.240.209.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNzNjZjQ4M2QtZTBmOC00Nzk5LTg5YTctZTI1NWJjOWVjMjA4IiwiaG9zdG5hbWUiOiJzZWN1cmUwMWItYmJ0LndlYmNpbmRhcmlvLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6Ik9QRU5YIn0seyJiaWRkZXIiOiJBREZPUk0ifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX0seyJwbGFjZW1lbnRDb2RlIjoiMTc1NTYyMzhfaW5kaWNlLWgud2ViY2luZGFyaW8uY29tX3Jvc18zMDB4NjAwIiwic2l6ZXMiOlt7IndpZHRoIjozMDAsImhlaWdodCI6NjAwfV0sImV2ZW50cyI6eyJyZXF1ZXN0cyI6W10sInJlc3BvbnNlcyI6W3siYmlkZGVyIjoiQURGT1JNIiwicGxhY2VtZW50Q29kZSI6IjE3NTU2MjM4X2luZGljZS1oLndlYmNpbmRhcmlvLmNvbV9yb3NfMzAweDYwMCIsImlkIjoiNTUwMTYyMWRlYjI2ODdjIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMDg1MDk5MzUwMTYwMTc2OTUsInNpemUiOnsid2lkdGgiOjMwMCwiaGVpZ2h0Ijo2MDB9LCJ0aW1lVG9SZXNwb25kIjozNjcsImFmdGVyVGltZW91dCI6ZmFsc2V9LHsiYmlkZGVyIjoiQURGT1JNIiwicGxhY2VtZW50Q29kZSI6IjE3NTU2MjM4X2luZGljZS1oLndlYmNpbmRhcmlvLmNvbV9yb3NfMzAweDYwMCIsImlkIjoiNTUwMTYyMWRlYjI2ODdjIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMDg1MDk5MzUwMTYwMTc2OTUsInNpemUiOnsid2lkdGgiOjMwMCwiaGVpZ2h0Ijo2MDB9LCJ0aW1lVG9SZXNwb25kIjozNjcsImFmdGVyVGltZW91dCI6ZmFsc2V9LHsiYmlkZGVyIjoiQURGT1JNIiwicGxhY2VtZW50Q29kZSI6IjE3NTU2MjM4X2luZGljZS1oLndlYmNpbmRhcmlvLmNvbV9yb3NfMzAweDYwMCIsImlkIjoiNTZiOTdkZjQ0OTAxMDM5Iiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMDg1MDk5MzUwMTYwMTc2OTUsInNpemUiOnsid2lkdGgiOjMwMCwiaGVpZ2h0Ijo2MDB9LCJ0aW1lVG9SZXNwb25kIjozNzUsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=73cf483d-e0f8-4799-89a7-e255bc9ec208&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.209.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 25 Dec 2020 19:05:22 GMT
Server: nginx

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/ Frame 40BF 69 KB
19 KB 59ms
58ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef913f1b1f2132ba1e2ec53822307ae9fec4f6689efed38796061f49dc4ba8e8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: R2ey6uncAt.VOugqnzs5DxmYMgUU3fRa
content-encoding: gzip
etag: "0dcf00dd2ff80a4aa244a99ef68a9bf1"
age: 0
x-cache: HIT
content-length: 19197
x-amz-id-2: NYCY1IDKR56VlVScg5T9gw5M9TNK/0hm6TFRTL09N99jjpwWvmwijpohDO/a5fate2Zq3sd79N0=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 14:17:30 GMT
server: AmazonS3
x-timer: S1608923123.977466,VS0,VE32
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 2501A56B07AF5740
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 3

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/ Frame 1312 69 KB
19 KB 53ms
53ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 365365fe04f0a45a2ace05b4e47705eb0a9cdbc9a91310673efa51a0e2771e63

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: xAlg24rFhrrYs1x96nwS0QXfwG9g0Im2
content-encoding: gzip
etag: "36d4a1ea38aed7fd672ba7cf7384b2ac"
age: 0
x-cache: HIT
content-length: 19195
x-amz-id-2: YYhgyIstIE4EiwtvNHVLWhdYMfX+2BP/BXUO4xkspu46QmDU0Dm3/eO26ddIuTc578nb6MLY3qM=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 14:09:12 GMT
server: AmazonS3
x-timer: S1608923123.982303,VS0,VE29
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 594019F4018E7B5B
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 3

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 1347 450 KB
104 KB 23ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 580
x-cache: HIT
content-length: 105936
x-amz-id-2: qceVk+JoToV/VV4TM7OPAkyxusVXKI4hvBUG88pvqLlulIdEmq3nBjGMxBzmqrLPKXJVyal+LAE=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1608923123.055691,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 30E57C9232756344
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 3032

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 4375 450 KB
104 KB 30ms
29ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 580
x-cache: HIT
content-length: 105936
x-amz-id-2: qceVk+JoToV/VV4TM7OPAkyxusVXKI4hvBUG88pvqLlulIdEmq3nBjGMxBzmqrLPKXJVyal+LAE=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1608923123.060380,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 30E57C9232756344
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 3033

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 74E4 450 KB
104 KB 27ms
26ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 580
x-cache: HIT
content-length: 105936
x-amz-id-2: qceVk+JoToV/VV4TM7OPAkyxusVXKI4hvBUG88pvqLlulIdEmq3nBjGMxBzmqrLPKXJVyal+LAE=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1608923123.071944,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 30E57C9232756344
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 3034

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 5FE2 450 KB
104 KB 29ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 580
x-cache: HIT
content-length: 105936
x-amz-id-2: qceVk+JoToV/VV4TM7OPAkyxusVXKI4hvBUG88pvqLlulIdEmq3nBjGMxBzmqrLPKXJVyal+LAE=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1608923123.076014,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 30E57C9232756344
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 3035

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 40BF 450 KB
104 KB 30ms
30ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 580
x-cache: HIT
content-length: 105936
x-amz-id-2: qceVk+JoToV/VV4TM7OPAkyxusVXKI4hvBUG88pvqLlulIdEmq3nBjGMxBzmqrLPKXJVyal+LAE=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1608923123.078188,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 30E57C9232756344
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 3036

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 1312 450 KB
104 KB 29ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 580
x-cache: HIT
content-length: 105936
x-amz-id-2: qceVk+JoToV/VV4TM7OPAkyxusVXKI4hvBUG88pvqLlulIdEmq3nBjGMxBzmqrLPKXJVyal+LAE=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1608923123.084355,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 30E57C9232756344
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 3037

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/ Frame 1347 5 KB
3 KB 123ms
121ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/json?tim=20%3A05%3A23.118&lti=deflated&data=%7B%22id%22%3A950%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608819447932%2C%22vi%22%3A1608923123113%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556235%22%2C%22orig_uip%22%3A%2217556235%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C17556235%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d01011b2cd6d2dc19be6656227818d464428aafc2ef619fb6ebb3cce9d32f46e

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 99
date: Fri, 25 Dec 2020 19:05:23 GMT
content-encoding: gzip
server: nginx
x-timer: S1608923123.127759,VS0,VE99
x-served-by: cache-fra19166-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/ Frame 4375 5 KB
3 KB 127ms
127ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/json?tim=20%3A05%3A23.172&lti=deflated&data=%7B%22id%22%3A28%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608819447932%2C%22vi%22%3A1608923123113%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556235%22%2C%22orig_uip%22%3A%2217556235%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C17556235%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bf7d0b79da16e80aab5ad05b46cbc46e461eb3554fb9a0462a0fba3dfa91ab7

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 103
date: Fri, 25 Dec 2020 19:05:23 GMT
content-encoding: gzip
server: nginx
x-timer: S1608923123.179360,VS0,VE103
x-served-by: cache-fra19166-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/ Frame 40BF 5 KB
3 KB 206ms
206ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/json?tim=20%3A05%3A23.182&lti=deflated&data=%7B%22id%22%3A311%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608819447932%2C%22vi%22%3A1608923123113%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556235%22%2C%22orig_uip%22%3A%2217556235%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C17556235%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ed9d4f92980f75122bf4a9900e32f30c98d3cd92083578b50f977337e9b5887

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 184
date: Fri, 25 Dec 2020 19:05:23 GMT
content-encoding: gzip
server: nginx
x-timer: S1608923123.189409,VS0,VE184
x-served-by: cache-fra19166-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 1347 9 KB
3 KB 23ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 336
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: jZj8msKBF7nhBgBqUwZjEjMuym3q02iC09Yz/uusA+umvUkzUI21N1Jzu2M93rK4AxauvOZSZAY=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1608923123.256817,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 6C56DDA49CF240A2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 91
x-cache-hits: 3937

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 1347 3 KB
1 KB 23ms
22ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 6254
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: f65xj6iuxogMKrz0V0PcFaMwZec2VDREXRA0jdjbf3aLNlkxtn2vhTmCXQ21535SK5HpYLHFJGI=
x-served-by: cache-fra19166-FRA
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1608923123.256728,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 414C1B5C7AA1A893
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 91
x-cache-hits: 54911

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 1347 23 KB
8 KB 23ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 43
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: Pe6L/THlw3IAVpBt903RQAMO2g6pCdWlgu+3MrKvWsy1A19stysaQFF1tAuRBUrjSnULvv0FwgM=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1608923123.266858,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 430751D43610ED31
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 91
x-cache-hits: 45

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame D253
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-...

0
54 B

35ms
33ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923123.434046,VS0,VE11
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0
tbl-x-upstream: 10.41.34.201:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1993

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame D253 0
239 B 98ms
24ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame D253
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=5Sf510CMPVs0&ev=1&orig=trc&pid=562107

0
217 B

17ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=5Sf510CMPVs0&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1989

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=5Sf510CMPVs0&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-659d447f4f-2bfkj
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame D253 43 B
693 B 26ms
22ms Image
image/gif 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:23 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.252:80
AN-X-Request-Uuid: cb3ccc33-e6f4-4a6b-a696-dc6d51b99622
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame D253
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICleoawcXgbputz_LeV3V0&google_cver=1

0
207 B

33ms
33ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICleoawcXgbputz_LeV3V0&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 12
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923123.417835,VS0,VE12
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICleoawcXgbputz_LeV3V0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame D253 42 B
1009 B 98ms
23ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:23 GMT
X-lat: Pug23024:0:356
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D253
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&google_tc=

170 B
730 B

43ms
30ms

Image
image/png

2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&google_tc=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D253
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4

0
205 B

31ms
31ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923123.340230,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame D253
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

17ms
17ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame D253 49 B
406 B 289ms
95ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-4ld6l
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame D253
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
227 B

16ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Fri, 25 Dec 2020 19:05:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 8094

Redirect headers

Location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame D253 43 B
697 B 81ms
27ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame D253 42 B
233 B 308ms
110ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:23 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 200 put
e1.emxdgt.com/ Frame D253 43 B
124 B 117ms
24ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:22 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D253
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8

0
227 B

25ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1991

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8
cache-control: no-cache
date: Fri, 25 Dec 2020 19:05:22 GMT
server-processing-duration-in-ticks: 2035
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 25 Dec 2020 00:00:00 GMT

GET

7.gif
id5-sync.com/c/464/146/1/ Frame D253
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOEHYc2K83iLd2zkdQQC9naUWsZixsuFG1r__YrA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOEHYc2K83iLd2zkdQQC9naUWsZixsuFG1r__YrA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=798826bf-eb57-4f3d-b56b-7d4cbcf24238&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/5/3.gif?puid=69d8b74c23bae79e1c52cc4cdadbc239&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/4/4.gif?puid=90f37b5e-f7a5-4cac-b825-a92f74f81d87&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/3/5.gif?puid=247b4bc1-46e4-11eb-bdce-dee31d69c907&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/112/2/6.gif?puid=237E84286BD9FEA6&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/146/1/7.gif?puid=4c434b91-c71f-4566-a83c-d28f916059f8&gdpr=1&gdpr_consent=

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame D253
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_0EshYM7DdKnRrO49DfmXw

0
218 B

17ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_0EshYM7DdKnRrO49DfmXw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Fri, 25 Dec 2020 19:05:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 10050

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_0EshYM7DdKnRrO49DfmXw
date: Fri, 25 Dec 2020 19:05:24 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame D253 35 B
380 B 426ms
106ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Fri, 25 Dec 2020 19:04:56 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame D253 0
155 B 267ms
89ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&_r=5652846
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Dec 2020 19:05:23 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame D253
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=36126d3c-e782-4008-911c-3a995209d624&ssp=taboola&user_group=1
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892

0
226 B

18ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.175:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 7954

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892
date: Fri, 25 Dec 2020 19:05:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-Q050

200

B25126091.291191166;dc_pre=CPHY_9np6e0CFcHGuwgdEm0L_A;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGD...
ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/ Frame 1347
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%...
https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CPHY_9np6e0CFcHGuwgdEm0L_A;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child...

42 B
515 B

85ms
56ms

Image
image/gif

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CPHY_9np6e0CFcHGuwgdEm0L_A;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CPHY_9np6e0CFcHGuwgdEm0L_A;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6e8840569dace49ce9334ca535788561.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1347 52 KB
52 KB 26ms
24ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: af5a8f6c64a181e0ccf8a4168aae045faca88c8c61e5bde24c657a9f22067c9a

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 643589
edge-cache-tag: 397453652855030834564860938788755651292,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
content-length: 52981
x-request-id: 79467052c114c254e3219aebe8be13cc
x-served-by: cache-dca17763-DCA, cache-dca17730-DCA, cache-fra19166-FRA
last-modified: Thu, 17 Dec 2020 20:18:31 GMT
server: cloudinary
x-timer: S1608923124.560931,VS0,VE1
etag: "51c372f9b1f422615342cc69eeb8f46f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 1347 254 B
672 B 22ms
22ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 25706
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1608923123.296341,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 91
x-cache-hits: 19741

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame D03F
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-...

0
67 B

31ms
31ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.618330,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0
tbl-x-upstream: 10.41.22.181:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1988

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame D03F 0
239 B 24ms
23ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame D03F
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=yzY9D8x7nvvp&ev=1&orig=trc&pid=562107

0
217 B

16ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=yzY9D8x7nvvp&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.64:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 4155

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=yzY9D8x7nvvp&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-659d447f4f-2bfkj
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame D03F 43 B
692 B 26ms
26ms Image
image/gif 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:23 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.77:80
AN-X-Request-Uuid: 951f69a6-c4b3-4f2c-b921-93325d0fa73d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame D03F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICC2z9mVVmxempDJJdoRdQ&google_cver=1

0
234 B

32ms
31ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICC2z9mVVmxempDJJdoRdQ&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.628109,VS0,VE10
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICC2z9mVVmxempDJJdoRdQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D03F
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

170 B
190 B

17ms
16ms

Image
image/png

2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
tbl-x-upstream: 10.41.34.201:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 2897

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D03F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4

0
58 B

30ms
30ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.672383,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame D03F 42 B
233 B 127ms
102ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:23 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D03F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8

0
226 B

17ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.175:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 3210

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8
cache-control: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server-processing-duration-in-ticks: 4733
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 25 Dec 2020 00:00:00 GMT

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame D03F
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=LDWUHpa7AIWm_tNH9DfmXw

0
218 B

17ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=LDWUHpa7AIWm_tNH9DfmXw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Fri, 25 Dec 2020 19:05:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 10050

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=LDWUHpa7AIWm_tNH9DfmXw
date: Fri, 25 Dec 2020 19:05:24 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame D03F 35 B
380 B 308ms
105ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Fri, 25 Dec 2020 19:04:56 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame D03F
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=taboola&bds_param=53be2757-73f1-4083-8387-f039dcc38892
https://x.bidswitch.net/sync?dsp_id=340&user_id=fdafee33-e048-4b7f-818d-bd5d3c8ef989&expires=10&ssp=taboola&bsw_param=53be2757-73f1-4083-8387-f039dcc38892
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892

0
227 B

16ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.201:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 9971

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892
date: Fri, 25 Dec 2020 19:05:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 4375 9 KB
3 KB 23ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 336
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: jZj8msKBF7nhBgBqUwZjEjMuym3q02iC09Yz/uusA+umvUkzUI21N1Jzu2M93rK4AxauvOZSZAY=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1608923123.317130,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 6C56DDA49CF240A2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 29
x-cache-hits: 3939

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 4375 3 KB
998 B 22ms
22ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 6255
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: f65xj6iuxogMKrz0V0PcFaMwZec2VDREXRA0jdjbf3aLNlkxtn2vhTmCXQ21535SK5HpYLHFJGI=
x-served-by: cache-fra19166-FRA
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1608923123.317117,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 414C1B5C7AA1A893
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 29
x-cache-hits: 54913

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 4375 23 KB
8 KB 23ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 43
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: Pe6L/THlw3IAVpBt903RQAMO2g6pCdWlgu+3MrKvWsy1A19stysaQFF1tAuRBUrjSnULvv0FwgM=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1608923123.322944,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 430751D43610ED31
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 29
x-cache-hits: 46

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame D03F 42 B
1009 B 23ms
23ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:22 GMT
X-lat: Pug23034:0:350
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame D03F 43 B
687 B 18ms
17ms Image
image/gif 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73&us_privacy=&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame D03F 49 B
333 B 93ms
93ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-2bfkj
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame D03F
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
227 B

17ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Fri, 25 Dec 2020 19:05:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 12524

Redirect headers

Location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame D03F 43 B
438 B 25ms
25ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 put
e1.emxdgt.com/ Frame D03F 43 B
75 B 23ms
22ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:22 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET

id5
rtb.gumgum.com/getuid/ Frame D03F
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/6/2.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/6/2.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/6/2.gif?puid=69d8b74c23bae79e1c52cc4cdadbc239&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/5/3.gif?puid=c152d927-f738-4aa9-9ceb-5a8bf163e2ef&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/4/4.gif?puid=247b4bc1-46e4-11eb-bdce-dee31d69c907&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/112/3/5.gif?puid=1347BAB4B3B05455&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/146/2/6.gif?puid=4c434b91-c71f-4566-a83c-d28f916059f8&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F398%2F1%2F7....
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjYzRjZGFkYmMyMzk&google_redir=https://id5-sync.com/c/464/398/1/7.gif?puid=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjY...
https://id5-sync.com/c/464/398/1/7.gif?puid=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjYzRjZGFkYmMyMzk&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F0%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

0
0

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame D03F 0
155 B 263ms
88ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73&_r=7713736
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Dec 2020 19:05:23 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 204 fix-user-id
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 4375 0
220 B 31ms
31ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/fix-user-id?lti=deflated&ri=0b7c88e4f78cdb939683653011de8a34&sd=v2_19185ea0eda9ce0c82cac4827f0a1220_12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73_1608923123_1608923123_CIi3jgYQsJRMGKmbqtrpLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&ui=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73&pi=/&wi=3538932220208471119&pt=text&vi=1608923123113&time=1608923123310&fromUser=cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73&toUser=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73&fromSD=v2_1b5c6bbbfe65e97e8c32b54f84d9b95b_cd244315-84c7-4567-950e-f388d027581d-tuct6dfbd73_1608923123_1608923123_CNawjgYQsJRMGKmbqtrpLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&toSD=v2_19185ea0eda9ce0c82cac4827f0a1220_12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73_1608923123_1608923123_CIi3jgYQsJRMGKmbqtrpLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&tim=20%3A05%3A23.311&id=1025&llvl=1&cv=20201224-10-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.777928,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 660d4bbe03d8b537b7701ab78865a50c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4375 16 KB
17 KB 26ms
25ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1a5721d954022cfe95c265712b15f6a5c00deb666779162112ba297d5c64b019

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1331422
edge-cache-tag: 345703844043356264111475524258613762013,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Mon, 04 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
content-length: 16316
x-served-by: cache-dca17762-DCA, cache-dca17737-DCA, cache-fra19166-FRA
last-modified: Fri, 04 Dec 2020 13:14:57 GMT
server: cloudinary
x-timer: S1608923124.809413,VS0,VE3
etag: "8efc7eee106ef446195e6cc7899d6511"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 4375 254 B
694 B 23ms
22ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 25706
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1608923123.352067,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 91
x-cache-hits: 19742

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 4D2D
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-...

0
62 B

30ms
30ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.886940,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32adcc31-dc34-4f87-ae68-fd56ec8c7c67&tbid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&query=taboola_hm%3D32adcc31-dc34-4f87-ae68-fd56ec8c7c67&isDirect=0
tbl-x-upstream: 10.40.0.175:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 12413

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 4D2D 0
239 B 24ms
23ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 4D2D
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9oqCPxxAgGB7&ev=1&orig=trc&pid=562107

0
218 B

17ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9oqCPxxAgGB7&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 8967

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9oqCPxxAgGB7&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-659d447f4f-2bfkj
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 4D2D 43 B
692 B 24ms
23ms Image
image/gif 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:23 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.46:80
AN-X-Request-Uuid: 18d86811-645a-4621-8026-a33542f85fa3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 4D2D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICC2z9mVVmxempDJJdoRdQ&google_cver=1

0
59 B

32ms
32ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICC2z9mVVmxempDJJdoRdQ&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923123.425117,VS0,VE10
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEICC2z9mVVmxempDJJdoRdQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

170 B
190 B

16ms
15ms

Image
image/png

2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
tbl-x-upstream: 10.40.0.199:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1984

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 4D2D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4

0
79 B

31ms
30ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.951738,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8412426b-3c20-4bf5-9846-4fa8475af5f4
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 4D2D 42 B
233 B 103ms
102ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:23 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4D2D
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8

0
227 B

16ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Fri, 25 Dec 2020 19:05:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 11118

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d614751-7a20-4eb3-8d03-28e4738489e8
cache-control: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server-processing-duration-in-ticks: 2587
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 25 Dec 2020 00:00:00 GMT

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 4D2D
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=WLPL6wnxCTCuRUwG9DfmXw

0
219 B

16ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=WLPL6wnxCTCuRUwG9DfmXw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Fri, 25 Dec 2020 19:05:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 10050

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=WLPL6wnxCTCuRUwG9DfmXw
date: Fri, 25 Dec 2020 19:05:24 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 4D2D 35 B
380 B 107ms
106ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Fri, 25 Dec 2020 19:04:56 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 4D2D
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=53be2757-73f1-4083-8387-f039dcc38892&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=53be2757-73f1-4083-8387-f039dcc38892
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892

0
226 B

17ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Fri, 25 Dec 2020 19:05:27 GMT
server: nginx
x-fastly-to-nlb-rtt: 7469

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=53be2757-73f1-4083-8387-f039dcc38892
date: Fri, 25 Dec 2020 19:05:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 40BF 9 KB
3 KB 25ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 336
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: jZj8msKBF7nhBgBqUwZjEjMuym3q02iC09Yz/uusA+umvUkzUI21N1Jzu2M93rK4AxauvOZSZAY=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1608923123.406738,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 6C56DDA49CF240A2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 62
x-cache-hits: 3942

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 40BF 3 KB
1 KB 24ms
22ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 6255
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: f65xj6iuxogMKrz0V0PcFaMwZec2VDREXRA0jdjbf3aLNlkxtn2vhTmCXQ21535SK5HpYLHFJGI=
x-served-by: cache-fra19166-FRA
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1608923123.406424,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 414C1B5C7AA1A893
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 62
x-cache-hits: 54916

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 40BF 23 KB
8 KB 23ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 43
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: Pe6L/THlw3IAVpBt903RQAMO2g6pCdWlgu+3MrKvWsy1A19stysaQFF1tAuRBUrjSnULvv0FwgM=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1608923123.409425,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 430751D43610ED31
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 49

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 4D2D 42 B
1009 B 23ms
22ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:24 GMT
X-lat: Pug23024:0:382
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 4D2D 43 B
1 KB 17ms
17ms Image
image/gif 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&us_privacy=&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:24 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 4D2D 49 B
333 B 93ms
93ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-2bfkj
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame 4D2D
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
228 B

17ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Fri, 25 Dec 2020 19:05:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 11204

Redirect headers

Location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 4D2D 43 B
438 B 27ms
26ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 put
e1.emxdgt.com/ Frame 4D2D 43 B
98 B 23ms
22ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:23 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET

8.gif
id5-sync.com/c/464/485/0/ Frame 4D2D
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/6/2.gif?puid=ebfdb4b5-7b06-49e6-89d2-0352a6661122&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/5/3.gif?puid=247b4bc1-46e4-11eb-bdce-dee31d69c907&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F4%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F4%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/112/4/4.gif?puid=F42938D77227E039&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F3%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F3%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F3%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/146/3/5.gif?puid=4c434b91-c71f-4566-a83c-d28f916059f8&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F398%2F2%2F6....
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjYzRjZGFkYmMyMzk&google_redir=https://id5-sync.com/c/464/398/2/6.gif?puid=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjY...
https://id5-sync.com/c/464/398/2/6.gif?puid=NjlkOGI3NGMyM2JhZTc5ZTFjNTJjYzRjZGFkYmMyMzk&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/1/7.gif?puid=e_4495d61a-eaa6-4e2a-b07e-9f5c8252e1f6&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=69d8b74c23bae79e1c52cc4cdadbc239&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gd...
https://id5-sync.com/c/464/485/0/8.gif?puid=30582427864988804148535671688645960914&gdpr=1&gdpr_consent=

0
0

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 4D2D 0
155 B 3290ms
88ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_r=464363
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Dec 2020 19:05:27 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 204 fix-user-id
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 40BF 0
353 B 34ms
33ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/fix-user-id?lti=deflated&ri=591112db9ca1c37e5369ff1cd56307e6&sd=v2_3441c10f358beae07aecf3e422162605_12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73_1608923123_1608923123_CIi3jgYQsJRMGKmbqtrpLiABKAEwoQE4l-oLQJ2XEEjZ2tgDUP___________wFYAGAAaOKmqpGyrZficA&ui=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&pi=/&wi=3538932220208471119&pt=text&vi=1608923123113&time=1608923123397&fromUser=12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73&toUser=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&fromSD=v2_19185ea0eda9ce0c82cac4827f0a1220_12c9ef7d-ac50-475c-9f78-e19ca4abc36c-tuct6dfbd73_1608923123_1608923123_CIi3jgYQsJRMGKmbqtrpLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&toSD=v2_3441c10f358beae07aecf3e422162605_12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73_1608923123_1608923123_CIi3jgYQsJRMGKmbqtrpLiABKAEwoQE4l-oLQJ2XEEjZ2tgDUP___________wFYAGAAaOKmqpGyrZficA&tim=20%3A05%3A23.397&id=2435&llvl=1&cv=20201224-10-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.093363,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 660d4bbe03d8b537b7701ab78865a50c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 40BF 16 KB
17 KB 23ms
23ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1a5721d954022cfe95c265712b15f6a5c00deb666779162112ba297d5c64b019

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1331422
edge-cache-tag: 345703844043356264111475524258613762013,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Mon, 04 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
content-length: 16316
x-served-by: cache-dca17762-DCA, cache-dca17737-DCA, cache-fra19166-FRA
last-modified: Fri, 04 Dec 2020 13:14:57 GMT
server: cloudinary
x-timer: S1608923124.125413,VS0,VE0
etag: "8efc7eee106ef446195e6cc7899d6511"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 40BF 254 B
733 B 22ms
22ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 25706
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1608923123.439070,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 62
x-cache-hits: 19743

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: af5a8f6c64a181e0ccf8a4168aae045faca88c8c61e5bde24c657a9f22067c9a

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 643590
edge-cache-tag: 397453652855030834564860938788755651292,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
content-length: 52981
x-request-id: 79467052c114c254e3219aebe8be13cc
x-served-by: cache-dca17763-DCA, cache-dca17730-DCA, cache-fra19166-FRA
last-modified: Thu, 17 Dec 2020 20:18:31 GMT
server: cloudinary
x-timer: S1608923124.149102,VS0,VE0
etag: "51c372f9b1f422615342cc69eeb8f46f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/ Frame 74E4 13 KB
5 KB 159ms
158ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/json?tim=20%3A05%3A23.652&lti=deflated&data=%7B%22id%22%3A881%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%2212670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73%22%2C%22uifp%22%3A%2212670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73%22%2C%22lbt%22%3A1608818950143%2C%22vi%22%3A1608923123113%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhD5smAMCwiJARD5smAMCwiRARD5smAMCwggEPmyYAwLCKEBEPmyYAwLCKIBEPmyYAwLCCQQ-bJgDAsIJxD5smAMCwirARD5smAMCwitARD5smAMCwgtEPmyYAwLCK4BEPmyYAwLCK8BEPmyYAwLCLABEPmyYAwLCLIBEPmyYAwLCLUBEPmyYAwLCLYBEPmyYAwLCDsQ-bJgDAsIPRCa5F8MCwg_EPmyYAwMExQ%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A300%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556238%22%2C%22orig_uip%22%3A%2217556238%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C17556238%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8987c2c672aeb5cf90cd8ca132242fba777264a0e9d355c85bc72c65e14fa72d

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 133
date: Fri, 25 Dec 2020 19:05:23 GMT
content-encoding: gzip
server: nginx
x-timer: S1608923124.662985,VS0,VE133
x-served-by: cache-fra19166-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/ Frame 5FE2 13 KB
5 KB 165ms
165ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/json?tim=20%3A05%3A23.663&lti=deflated&data=%7B%22id%22%3A687%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%2212670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73%22%2C%22uifp%22%3A%2212670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73%22%2C%22lbt%22%3A1608818950143%2C%22vi%22%3A1608923123113%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhD5smAMCwiJARD5smAMCwiRARD5smAMCwggEPmyYAwLCKEBEPmyYAwLCKIBEPmyYAwLCCQQ-bJgDAsIJxD5smAMCwirARD5smAMCwitARD5smAMCwgtEPmyYAwLCK4BEPmyYAwLCK8BEPmyYAwLCLABEPmyYAwLCLIBEPmyYAwLCLUBEPmyYAwLCLYBEPmyYAwLCDsQ-bJgDAsIPRCa5F8MCwg_EPmyYAwMExQ%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A300%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556238%22%2C%22orig_uip%22%3A%2217556238%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C17556238%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 04ce9b19e5c5db3f9d52fba0c5ef6836cb465c6a61573a962fa952ae9835d16e

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 143
date: Fri, 25 Dec 2020 19:05:23 GMT
content-encoding: gzip
server: nginx
x-timer: S1608923124.671035,VS0,VE143
x-served-by: cache-fra19166-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/ Frame 1312 14 KB
5 KB 185ms
185ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/json?tim=20%3A05%3A23.692&lti=deflated&data=%7B%22id%22%3A188%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%2212670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73%22%2C%22uifp%22%3A%2212670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73%22%2C%22lbt%22%3A1608818950143%2C%22vi%22%3A1608923123113%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhD5smAMCwiJARD5smAMCwiRARD5smAMCwggEPmyYAwLCKEBEPmyYAwLCKIBEPmyYAwLCCQQ-bJgDAsIJxD5smAMCwirARD5smAMCwitARD5smAMCwgtEPmyYAwLCK4BEPmyYAwLCK8BEPmyYAwLCLABEPmyYAwLCLIBEPmyYAwLCLUBEPmyYAwLCLYBEPmyYAwLCDsQ-bJgDAsIPRCa5F8MCwg_EPmyYAwMExQ%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Fsecure01b-bbt.webcindario.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A300%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556238%22%2C%22orig_uip%22%3A%2217556238%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C17556238%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c65b4d69236ad985c34fecde481df06a177969c63083692935a17525c47cab7

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 163
date: Fri, 25 Dec 2020 19:05:23 GMT
content-encoding: gzip
server: nginx
x-timer: S1608923124.699637,VS0,VE163
x-served-by: cache-fra19166-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 74E4 9 KB
3 KB 23ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 336
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: jZj8msKBF7nhBgBqUwZjEjMuym3q02iC09Yz/uusA+umvUkzUI21N1Jzu2M93rK4AxauvOZSZAY=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1608923124.820576,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 6C56DDA49CF240A2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 62
x-cache-hits: 3947

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 74E4 3 KB
974 B 23ms
23ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 6255
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: f65xj6iuxogMKrz0V0PcFaMwZec2VDREXRA0jdjbf3aLNlkxtn2vhTmCXQ21535SK5HpYLHFJGI=
x-served-by: cache-fra19166-FRA
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1608923124.820549,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 414C1B5C7AA1A893
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 62
x-cache-hits: 54921

GET
H3-Q050

200

B25126091.291191166;dc_pre=CID-kNrp6e0CFYq43godCkgEsw;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGD...
ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/ Frame 74E4
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%...
https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CID-kNrp6e0CFYq43godCkgEsw;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child...

42 B
65 B

41ms
40ms

Image
image/gif

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CID-kNrp6e0CFYq43godCkgEsw;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CID-kNrp6e0CFYq43godCkgEsw;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 74E4 23 KB
8 KB 25ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 44
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: Pe6L/THlw3IAVpBt903RQAMO2g6pCdWlgu+3MrKvWsy1A19stysaQFF1tAuRBUrjSnULvv0FwgM=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1608923124.828636,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 430751D43610ED31
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 51

GET
H2

200

tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame 74E4
Redirect Chain

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

49 B
714 B

42ms
42ms

Image
image/gif

54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.67
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
cache-control: no-cache
x-server: 10.45.20.14
content-length: 0
expires: 0

GET
H/1.1 200
OK 35702
tags.bluekai.com/site/ Frame 74E4 62 B
329 B 3256ms
162ms Image
image/gif 104.111.246.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/35702?id=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.246.202 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-246-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:27 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 2a3d
Content-Type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 74E4 95 B
259 B 59ms
41ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&gdpr=$0&gdpr_consent=$
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
cf-ray: 6074d5540a72dfcf-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 073ce3a8830000dfcffb0be000000001

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 74E4 43 B
324 B 3115ms
34ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:26 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cm
trc.taboola.com/sg/neustar/1/ Frame 74E4
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900503646000996782

0
150 B

32ms
32ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900503646000996782
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.860383,VS0,VE10
x-served-by: cache-fra19166-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900503646000996782
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

279afebde0304d15bba7e1875c7624cd
i.liadm.com/s/e/32441/0/ Frame 74E4
Redirect Chain

https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_li_chk=true&previous_uuid=35904d4e82204153bff717bf8cf3736d
https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F32441%2F0%2F279afebde0304d15bba7e1875c7624cd%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&35904d4e-8220-4153-bff7-17bf...
https://i.liadm.com/s/e/32441/0/279afebde0304d15bba7e1875c7624cd?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334

43 B
257 B

289ms
108ms

Image
image/gif

54.88.18.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/32441/0/279afebde0304d15bba7e1875c7624cd?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.18.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:24 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Fri, 25 Dec 2020 19:05:25 GMT
Server: MT3 3463 db13218 master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/32441/0/279afebde0304d15bba7e1875c7624cd?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 25 Dec 2020 19:05:24 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 74E4
Redirect Chain

https://pixel.onaudience.com/?partner=137085097&mapped=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&mapped=69d8b74c23bae79e1c52cc4cdadbc239
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=8412426b-3c20-4bf5-9846-4fa8475af5f4&icm

35 B
248 B

31ms
30ms

Image
image/gif

51.210.112.236
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=147&mapped=8412426b-3c20-4bf5-9846-4fa8475af5f4&icm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.onaudience.com/?partner=147&mapped=8412426b-3c20-4bf5-9846-4fa8475af5f4&icm
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 74E4
Redirect Chain

https://ml314.com/utsync.ashx?eid=50077&et=0&fp=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
https://idsync.rlcdn.com/395886.gif?partner_uid=3615491852978356316
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNTQ5MTg1Mjk3ODM1NjMxNhAAGg0I9e-Y_wUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=be33285b070a3a1ad5a126949f46cc28f4edaefe60689ff2c608e6736d9f9d1cf4cb09cee1a4f8eb&person_id=3615491852978356316&eid=50082

43 B
312 B

81ms
35ms

Image
image/gif

52.49.20.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=be33285b070a3a1ad5a126949f46cc28f4edaefe60689ff2c608e6736d9f9d1cf4cb09cee1a4f8eb&person_id=3615491852978356316&eid=50082
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.20.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:24 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 26 Dec 2020 14:05:25 GMT

Redirect headers

date: Fri, 25 Dec 2020 19:05:25 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=be33285b070a3a1ad5a126949f46cc28f4edaefe60689ff2c608e6736d9f9d1cf4cb09cee1a4f8eb&person_id=3615491852978356316&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 74E4
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1

35 B
376 B

26ms
26ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:26 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1
date: Fri, 25 Dec 2020 19:05:26 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

204

/
loadm.exelator.com/load/ Frame 74E4
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1

0
763 B

33ms
32ms

Image
text/plain

136.144.49.28
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.49.28 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 25 Dec 2020 19:05:24 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 74E4 95 B
259 B 58ms
39ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=7b6ad1b54a0c01838fc4b5929d2e29732d9aa2455a448997373d78dc2b18be70&gdpr=$0&gdpr_consent=$
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
cf-ray: 6074d5540a71dfcf-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 073ce3a8820000dfcf1abf4000000001

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55973/ Frame 74E4
Redirect Chain

https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1
https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a7e4-46e4-11eb-aa93-025ff526da38
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a7e4-46e4-11eb-aa93-025ff526da38&verify=true

0
964 B

27ms
26ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a7e4-46e4-11eb-aa93-025ff526da38&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:26 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 25 Dec 2020 19:05:26 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a7e4-46e4-11eb-aa93-025ff526da38&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2 200 660d4bbe03d8b537b7701ab78865a50c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 74E4 7 KB
7 KB 116ms
116ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e96ce13bc63388ee4b7cebc2c1c7b91fd1a5df8c8487c21b89a37ec23bfce8b4

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1772753
edge-cache-tag: 345703844043356264111475524258613762013,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
content-length: 6717
x-request-id: da5af7af160ee2caeda0ef29ce3e8d1a
x-served-by: cache-dca17768-DCA, cache-dca17776-DCA, cache-fra19166-FRA
last-modified: Fri, 04 Dec 2020 11:25:21 GMT
server: cloudinary
x-timer: S1608923124.173623,VS0,VE94
etag: "2fef5a612947693abac34c370d888c1d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 74E4 7 KB
8 KB 27ms
26ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9da207cf23084ccc3d338b41bc1783517e4c5129e49477532b43fe06d55fdb90

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1916719
edge-cache-tag: 521778653778381575419163598542051924527,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
content-length: 7653
x-served-by: cache-dca17747-DCA, cache-dca17770-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 20:33:02 GMT
server: cloudinary
x-timer: S1608923124.217039,VS0,VE4
etag: "1d739ea2355951ff73202bfdd5cc103a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 6e8840569dace49ce9334ca535788561.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 74E4 12 KB
13 KB 24ms
24ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 01c55834913eb5d789c845bd4d667e37e61f59d5efd28dc7bc81ca0c306a1721

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 641085
edge-cache-tag: 397453652855030834564860938788755651292,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
content-length: 12451
x-request-id: ecda724818b682b98836e9be7a63f233
x-served-by: cache-dca17779-DCA, cache-dca17782-DCA, cache-fra19166-FRA
last-modified: Thu, 17 Dec 2020 20:18:31 GMT
server: cloudinary
x-timer: S1608923124.243818,VS0,VE1
etag: "e82892fc1439fa70043d339393ed986e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 97eaaf3ee1b9820348e7d5d26709c934.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 74E4 10 KB
11 KB 24ms
23ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4bd26468a2ea689e8809e8f8b2af4aa6e908ba18f7bbef42114c1eb1ad9f5ec1

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1823012
edge-cache-tag: 461876095686670384401610559578852227500,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
content-length: 10732
x-served-by: cache-dca17759-DCA, cache-dca17774-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 12:39:34 GMT
server: cloudinary
x-timer: S1608923124.268309,VS0,VE1
etag: "bcd3f8d0a32e0de561d56c7015ae772e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 6b58272e859161a9eb867eebd0a19039.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 74E4 11 KB
11 KB 24ms
23ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6d3b58872603b9f4e7adad9aa362fa471defaa1e660d3c526e268371e9bcea36

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1301865
edge-cache-tag: 467337849910430526017171593061685654671,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
content-length: 10888
x-request-id: 439613bd2ab080b10b07c119e79bb2b0
x-served-by: cache-dca17738-DCA, cache-dca17739-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 22:13:29 GMT
server: cloudinary
x-timer: S1608923124.290034,VS0,VE1
etag: "937d5b97ee134cd210465497f24a0338"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 4d2e2932a4dfb5725fd77c2c4a66d35d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 74E4 7 KB
7 KB 23ms
23ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d2e2932a4dfb5725fd77c2c4a66d35d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 33a9bdc21470d5848b4a8ef6bcd1159e7f5d3bc8a43fce9ab4553191148f2799

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 961270
edge-cache-tag: 491567243346629010938073988898900300089,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 03 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d2e2932a4dfb5725fd77c2c4a66d35d.png
content-length: 6682
x-served-by: cache-dca17730-DCA, cache-dca17735-DCA, cache-fra19166-FRA
last-modified: Thu, 03 Dec 2020 11:43:58 GMT
server: cloudinary
x-timer: S1608923124.292223,VS0,VE1
etag: "a039ed3784728019f3eb012ad9fa2de8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2

200

tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame 5FE2
Redirect Chain

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

49 B
721 B

102ms
102ms

Image
image/gif

54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.183
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
cache-control: no-cache
x-server: 10.45.21.14
content-length: 0
expires: 0

GET
H/1.1 200
OK 35702
tags.bluekai.com/site/ Frame 5FE2 62 B
329 B 3237ms
164ms Image
image/gif 104.111.246.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/35702?id=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.246.202 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-246-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:27 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 6834
Content-Type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5FE2 95 B
258 B 39ms
37ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&gdpr=$0&gdpr_consent=$
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
cf-ray: 6074d5540a7ddfcf-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 073ce3a8860000dfcf63990000000001

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 5FE2 43 B
106 B 3095ms
35ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&gdpr=0&gdpr_consent=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:26 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cm
trc.taboola.com/sg/neustar/1/ Frame 5FE2
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603646000996835

0
188 B

33ms
31ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603646000996835
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.884782,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603646000996835
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

33a3b852fcc647fabc56f457eef85480
i.liadm.com/s/e/32441/0/ Frame 5FE2
Redirect Chain

https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_li_chk=true&previous_uuid=e9c8e1c1950b42d2be08c9815c6d5c62
https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F32441%2F0%2F33a3b852fcc647fabc56f457eef85480%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&e9c8e1c1-950b-42d2-be08-c981...
https://i.liadm.com/s/e/32441/0/33a3b852fcc647fabc56f457eef85480?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334

43 B
257 B

333ms
113ms

Image
image/gif

54.88.18.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/32441/0/33a3b852fcc647fabc56f457eef85480?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.18.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:25 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Fri, 25 Dec 2020 19:05:26 GMT
Server: MT3 3463 db13218 master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/32441/0/33a3b852fcc647fabc56f457eef85480?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 25 Dec 2020 19:05:25 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 5FE2
Redirect Chain

https://pixel.onaudience.com/?partner=137085097&mapped=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26mapped%3D%25%25UID%25%25
https://pixel.onaudience.com/?partner=161&icm&mapped=a55d5be2bbb9ffc08b8f81c3bd9e9a7b

35 B
248 B

30ms
30ms

Image
image/gif

51.210.112.236
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&mapped=a55d5be2bbb9ffc08b8f81c3bd9e9a7b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Fri, 25 Dec 2020 19:05:26 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&mapped=a55d5be2bbb9ffc08b8f81c3bd9e9a7b
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

395886.gif
idsync.rlcdn.com/ Frame 5FE2
Redirect Chain

https://ml314.com/utsync.ashx?eid=50077&et=0&fp=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
https://idsync.rlcdn.com/395886.gif?partner_uid=3615491852971540574

42 B
317 B

22ms
21ms

Image
image/gif

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/395886.gif?partner_uid=3615491852971540574
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Dec 2020 19:05:25 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:24 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location: https://idsync.rlcdn.com/395886.gif?partner_uid=3615491852971540574
Cache-Control: private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 184
Expires: 0,Sat, 26 Dec 2020 14:05:24 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 5FE2
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1

35 B
376 B

27ms
26ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:26 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1
date: Fri, 25 Dec 2020 19:05:26 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

204

/
loadm.exelator.com/load/ Frame 5FE2
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1

0
763 B

31ms
30ms

Image
text/plain

136.144.49.28
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.49.28 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 25 Dec 2020 19:05:24 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5FE2 95 B
605 B 35ms
34ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=7b6ad1b54a0c01838fc4b5929d2e29732d9aa2455a448997373d78dc2b18be70&gdpr=$0&gdpr_consent=$
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
cf-ray: 6074d5540a7edfcf-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 073ce3a8870000dfcf7a85c000000001

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55973/ Frame 5FE2
Redirect Chain

https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1
https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028&verify=true

0
964 B

26ms
25ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:26 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 25 Dec 2020 19:05:26 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 5FE2 9 KB
3 KB 25ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 337
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: jZj8msKBF7nhBgBqUwZjEjMuym3q02iC09Yz/uusA+umvUkzUI21N1Jzu2M93rK4AxauvOZSZAY=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1608923124.845483,VS0,VE1
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 6C56DDA49CF240A2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 62
x-cache-hits: 3948

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 5FE2 3 KB
974 B 25ms
24ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 6255
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: f65xj6iuxogMKrz0V0PcFaMwZec2VDREXRA0jdjbf3aLNlkxtn2vhTmCXQ21535SK5HpYLHFJGI=
x-served-by: cache-fra19166-FRA
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1608923124.845512,VS0,VE1
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 414C1B5C7AA1A893
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 62
x-cache-hits: 54922

GET
H3-Q050

200

B25126091.291191166;dc_pre=COq2ktrp6e0CFbTJuwgdnH4D9g;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGD...
ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/ Frame 5FE2
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%...
https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=COq2ktrp6e0CFbTJuwgdnH4D9g;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child...

42 B
65 B

40ms
40ms

Image
image/gif

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=COq2ktrp6e0CFbTJuwgdnH4D9g;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=COq2ktrp6e0CFbTJuwgdnH4D9g;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 5FE2 23 KB
8 KB 23ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 44
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: Pe6L/THlw3IAVpBt903RQAMO2g6pCdWlgu+3MrKvWsy1A19stysaQFF1tAuRBUrjSnULvv0FwgM=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1608923124.851903,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 430751D43610ED31
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 52

GET
H2 200 660d4bbe03d8b537b7701ab78865a50c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4375 16 KB
16 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1a5721d954022cfe95c265712b15f6a5c00deb666779162112ba297d5c64b019

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1331423
edge-cache-tag: 345703844043356264111475524258613762013,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Mon, 04 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
content-length: 16316
x-served-by: cache-dca17762-DCA, cache-dca17737-DCA, cache-fra19166-FRA
last-modified: Fri, 04 Dec 2020 13:14:57 GMT
server: cloudinary
x-timer: S1608923124.314937,VS0,VE0
etag: "8efc7eee106ef446195e6cc7899d6511"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

GET
H2 200 660d4bbe03d8b537b7701ab78865a50c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 7 KB
7 KB 23ms
23ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e96ce13bc63388ee4b7cebc2c1c7b91fd1a5df8c8487c21b89a37ec23bfce8b4

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1772753
edge-cache-tag: 345703844043356264111475524258613762013,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
content-length: 6717
x-request-id: da5af7af160ee2caeda0ef29ce3e8d1a
x-served-by: cache-dca17768-DCA, cache-dca17776-DCA, cache-fra19166-FRA
last-modified: Fri, 04 Dec 2020 11:25:21 GMT
server: cloudinary
x-timer: S1608923124.316642,VS0,VE0
etag: "2fef5a612947693abac34c370d888c1d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 7 KB
8 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9da207cf23084ccc3d338b41bc1783517e4c5129e49477532b43fe06d55fdb90

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1916719
edge-cache-tag: 521778653778381575419163598542051924527,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
content-length: 7653
x-served-by: cache-dca17747-DCA, cache-dca17770-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 20:33:02 GMT
server: cloudinary
x-timer: S1608923124.338721,VS0,VE0
etag: "1d739ea2355951ff73202bfdd5cc103a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 6e8840569dace49ce9334ca535788561.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 12 KB
13 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 01c55834913eb5d789c845bd4d667e37e61f59d5efd28dc7bc81ca0c306a1721

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 641085
edge-cache-tag: 397453652855030834564860938788755651292,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
content-length: 12451
x-request-id: ecda724818b682b98836e9be7a63f233
x-served-by: cache-dca17779-DCA, cache-dca17782-DCA, cache-fra19166-FRA
last-modified: Thu, 17 Dec 2020 20:18:31 GMT
server: cloudinary
x-timer: S1608923124.339988,VS0,VE0
etag: "e82892fc1439fa70043d339393ed986e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 97eaaf3ee1b9820348e7d5d26709c934.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 10 KB
11 KB 23ms
21ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4bd26468a2ea689e8809e8f8b2af4aa6e908ba18f7bbef42114c1eb1ad9f5ec1

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1823012
edge-cache-tag: 461876095686670384401610559578852227500,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
content-length: 10732
x-served-by: cache-dca17759-DCA, cache-dca17774-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 12:39:34 GMT
server: cloudinary
x-timer: S1608923124.362250,VS0,VE0
etag: "bcd3f8d0a32e0de561d56c7015ae772e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 6b58272e859161a9eb867eebd0a19039.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 11 KB
11 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6d3b58872603b9f4e7adad9aa362fa471defaa1e660d3c526e268371e9bcea36

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1301865
edge-cache-tag: 467337849910430526017171593061685654671,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
content-length: 10888
x-request-id: 439613bd2ab080b10b07c119e79bb2b0
x-served-by: cache-dca17738-DCA, cache-dca17739-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 22:13:29 GMT
server: cloudinary
x-timer: S1608923124.363676,VS0,VE0
etag: "937d5b97ee134cd210465497f24a0338"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 4d2e2932a4dfb5725fd77c2c4a66d35d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 7 KB
7 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d2e2932a4dfb5725fd77c2c4a66d35d.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 33a9bdc21470d5848b4a8ef6bcd1159e7f5d3bc8a43fce9ab4553191148f2799

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 961270
edge-cache-tag: 491567243346629010938073988898900300089,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 03 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d2e2932a4dfb5725fd77c2c4a66d35d.png
content-length: 6682
x-served-by: cache-dca17730-DCA, cache-dca17735-DCA, cache-fra19166-FRA
last-modified: Thu, 03 Dec 2020 11:43:58 GMT
server: cloudinary
x-timer: S1608923124.385679,VS0,VE0
etag: "a039ed3784728019f3eb012ad9fa2de8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 74E4 254 B
672 B 22ms
22ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 25707
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1608923124.867088,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 62
x-cache-hits: 19747

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 254 B
326 B 23ms
22ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 25707
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1608923124.884774,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 62
x-cache-hits: 19748

GET
H2

200

tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame 1312
Redirect Chain

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73

49 B
713 B

76ms
75ms

Image
image/gif

54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.32
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
cache-control: no-cache
x-server: 10.45.3.100
content-length: 0
expires: 0

GET
H/1.1 200
OK 35702
tags.bluekai.com/site/ Frame 1312 62 B
328 B 3365ms
183ms Image
image/gif 104.111.246.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/35702?id=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.246.202 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-246-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:27 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: c2c
Content-Type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 1312 95 B
259 B 51ms
45ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&gdpr=$0&gdpr_consent=$
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
cf-ray: 6074d5544aa5dfcf-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 073ce3a8ad0000dfcf2434f000000001

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 1312 43 B
106 B 3041ms
34ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&gdpr=0&gdpr_consent=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:26 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cm
trc.taboola.com/sg/neustar/1/ Frame 1312
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603646000996835

0
271 B

31ms
31ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603646000996835
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.932470,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164900603646000996835
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ea2a8dd436cc48da801763ae9812abfb
i.liadm.com/s/e/32441/0/ Frame 1312
Redirect Chain

https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_li_chk=true&previous_uuid=d5ec6d8580f84b0eabc58f88953b4ee6
https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F32441%2F0%2Fea2a8dd436cc48da801763ae9812abfb%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&d5ec6d85-80f8-4b0e-abc5-8f88...
https://i.liadm.com/s/e/32441/0/ea2a8dd436cc48da801763ae9812abfb?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334

43 B
257 B

309ms
110ms

Image
image/gif

54.88.18.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/32441/0/ea2a8dd436cc48da801763ae9812abfb?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.18.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:25 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Fri, 25 Dec 2020 19:05:26 GMT
Server: MT3 3463 db13218 master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/32441/0/ea2a8dd436cc48da801763ae9812abfb?mpid=7156&muid=cf915fe6-37f4-4b00-ac5d-2fe413bb4334
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 25 Dec 2020 19:05:25 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 1312
Redirect Chain

https://pixel.onaudience.com/?partner=137085097&mapped=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26mapped%3D%25%25UID%25%25
https://pixel.onaudience.com/?partner=161&icm&mapped=a55d5be2bbb9ffc08b8f81c3bd9e9a7b

35 B
248 B

30ms
30ms

Image
image/gif

51.210.112.236
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&mapped=a55d5be2bbb9ffc08b8f81c3bd9e9a7b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Fri, 25 Dec 2020 19:05:27 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&mapped=a55d5be2bbb9ffc08b8f81c3bd9e9a7b
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

395886.gif
idsync.rlcdn.com/ Frame 1312
Redirect Chain

https://ml314.com/utsync.ashx?eid=50077&et=0&fp=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
https://idsync.rlcdn.com/395886.gif?partner_uid=3615491853231063045

42 B
306 B

21ms
21ms

Image
image/gif

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/395886.gif?partner_uid=3615491853231063045
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Dec 2020 19:05:25 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 25 Dec 2020 19:05:24 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location: https://idsync.rlcdn.com/395886.gif?partner_uid=3615491853231063045
Cache-Control: private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 184
Expires: 0,Sat, 26 Dec 2020 14:05:25 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 1312
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1

35 B
376 B

27ms
27ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:26 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&cs=1
date: Fri, 25 Dec 2020 19:05:26 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

204

/
loadm.exelator.com/load/ Frame 1312
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1

0
763 B

31ms
30ms

Image
text/plain

136.144.49.28
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.49.28 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 25 Dec 2020 19:05:24 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 1312 95 B
179 B 40ms
36ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=7b6ad1b54a0c01838fc4b5929d2e29732d9aa2455a448997373d78dc2b18be70&gdpr=$0&gdpr_consent=$
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 19:05:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://secure01b-bbt.webcindario.com
access-control-allow-credentials: true
cf-ray: 6074d5544aa6dfcf-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 073ce3a8ae0000dfcf522ff000000001

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55973/ Frame 1312
Redirect Chain

https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1
https://pixel.advertising.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028
https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028&verify=true

0
964 B

25ms
24ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:26 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 25 Dec 2020 19:05:26 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55973/sync?uid=12670856-abe7-4d50-89d9-b5fb6e3b7657-tuct6dfbd73&_origin=1&apid=UP24f7a855-46e4-11eb-85e9-023b0463e028&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 1312 9 KB
3 KB 26ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 337
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: jZj8msKBF7nhBgBqUwZjEjMuym3q02iC09Yz/uusA+umvUkzUI21N1Jzu2M93rK4AxauvOZSZAY=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1608923124.895821,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 6C56DDA49CF240A2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 62
x-cache-hits: 3949

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 1312 3 KB
1006 B 25ms
22ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 6255
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: f65xj6iuxogMKrz0V0PcFaMwZec2VDREXRA0jdjbf3aLNlkxtn2vhTmCXQ21535SK5HpYLHFJGI=
x-served-by: cache-fra19166-FRA
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1608923124.895463,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 414C1B5C7AA1A893
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 62
x-cache-hits: 54923

GET
H3-Q050

200

B25126091.291191166;dc_pre=CMbBldrp6e0CFUnAuwgdMtYEzA;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGD...
ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/ Frame 1312
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%...
https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CMbBldrp6e0CFUnAuwgdMtYEzA;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child...

42 B
65 B

41ms
40ms

Image
image/gif

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CMbBldrp6e0CFUnAuwgdMtYEzA;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N295801.2069703TABOOLA/B25126091.291191166;dc_pre=CMbBldrp6e0CFUnAuwgdMtYEzA;dc_trk_aid=484391758;dc_trk_cid=143215929;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?;dc_ref=secure01b-bbt.webcindario.com
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 1312 23 KB
8 KB 22ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 44
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: Pe6L/THlw3IAVpBt903RQAMO2g6pCdWlgu+3MrKvWsy1A19stysaQFF1tAuRBUrjSnULvv0FwgM=
x-served-by: cache-fra19166-FRA
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1608923124.900503,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
vary: Accept-Encoding
x-amz-request-id: 430751D43610ED31
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 53

GET
H2 200 660d4bbe03d8b537b7701ab78865a50c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 7 KB
7 KB 24ms
24ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e96ce13bc63388ee4b7cebc2c1c7b91fd1a5df8c8487c21b89a37ec23bfce8b4

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1772753
edge-cache-tag: 345703844043356264111475524258613762013,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
content-length: 6717
x-request-id: da5af7af160ee2caeda0ef29ce3e8d1a
x-served-by: cache-dca17768-DCA, cache-dca17776-DCA, cache-fra19166-FRA
last-modified: Fri, 04 Dec 2020 11:25:21 GMT
server: cloudinary
x-timer: S1608923124.387007,VS0,VE0
etag: "2fef5a612947693abac34c370d888c1d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 7 KB
8 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9da207cf23084ccc3d338b41bc1783517e4c5129e49477532b43fe06d55fdb90

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1916719
edge-cache-tag: 521778653778381575419163598542051924527,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
content-length: 7653
x-served-by: cache-dca17747-DCA, cache-dca17770-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 20:33:02 GMT
server: cloudinary
x-timer: S1608923124.397486,VS0,VE0
etag: "1d739ea2355951ff73202bfdd5cc103a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

GET
H2 200 6e8840569dace49ce9334ca535788561.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 12 KB
13 KB 23ms
23ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 01c55834913eb5d789c845bd4d667e37e61f59d5efd28dc7bc81ca0c306a1721

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 641085
edge-cache-tag: 397453652855030834564860938788755651292,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
content-length: 12451
x-request-id: ecda724818b682b98836e9be7a63f233
x-served-by: cache-dca17779-DCA, cache-dca17782-DCA, cache-fra19166-FRA
last-modified: Thu, 17 Dec 2020 20:18:31 GMT
server: cloudinary
x-timer: S1608923124.408943,VS0,VE0
etag: "e82892fc1439fa70043d339393ed986e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

GET
H2 200 97eaaf3ee1b9820348e7d5d26709c934.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 10 KB
11 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4bd26468a2ea689e8809e8f8b2af4aa6e908ba18f7bbef42114c1eb1ad9f5ec1

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1823012
edge-cache-tag: 461876095686670384401610559578852227500,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
content-length: 10732
x-served-by: cache-dca17759-DCA, cache-dca17774-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 12:39:34 GMT
server: cloudinary
x-timer: S1608923124.411669,VS0,VE0
etag: "bcd3f8d0a32e0de561d56c7015ae772e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

GET
H2 200 6b58272e859161a9eb867eebd0a19039.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 11 KB
11 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6d3b58872603b9f4e7adad9aa362fa471defaa1e660d3c526e268371e9bcea36

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1301865
edge-cache-tag: 467337849910430526017171593061685654671,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
content-length: 10888
x-request-id: 439613bd2ab080b10b07c119e79bb2b0
x-served-by: cache-dca17738-DCA, cache-dca17739-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 22:13:29 GMT
server: cloudinary
x-timer: S1608923124.420897,VS0,VE0
etag: "937d5b97ee134cd210465497f24a0338"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

GET
H2 200 d38cf987f8e5b892244668e70cb9815b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 5 KB
5 KB 111ms
111ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d38cf987f8e5b892244668e70cb9815b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8703ce95186738b9b9bb9525d5759f94a3aa1660124d5d8df6e79d696d505ed8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 48973
edge-cache-tag: 525835232324056677396052667859359728272,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d38cf987f8e5b892244668e70cb9815b.jpg
content-length: 4866
x-request-id: 7411e782efc0176b1326aaf56f05d27c
x-served-by: cache-dca17746-DCA, cache-dca17746-DCA, cache-fra19166-FRA
last-modified: Fri, 11 Dec 2020 08:07:55 GMT
server: cloudinary
x-timer: S1608923124.432642,VS0,VE88
etag: "2c461a7e4a8f6c4d61d0da2db2fbf594"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 254 B
626 B 22ms
21ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 25707
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19166-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1608923124.930354,VS0,VE0
date: Fri, 25 Dec 2020 19:05:23 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 62
x-cache-hits: 19749

GET
H2 200 660d4bbe03d8b537b7701ab78865a50c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 40BF 16 KB
17 KB 24ms
24ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1a5721d954022cfe95c265712b15f6a5c00deb666779162112ba297d5c64b019

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1331423
edge-cache-tag: 345703844043356264111475524258613762013,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Mon, 04 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
content-length: 16316
x-served-by: cache-dca17762-DCA, cache-dca17737-DCA, cache-fra19166-FRA
last-modified: Fri, 04 Dec 2020 13:14:57 GMT
server: cloudinary
x-timer: S1608923124.435129,VS0,VE0
etag: "8efc7eee106ef446195e6cc7899d6511"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9da207cf23084ccc3d338b41bc1783517e4c5129e49477532b43fe06d55fdb90

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1916719
edge-cache-tag: 521778653778381575419163598542051924527,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
content-length: 7653
x-served-by: cache-dca17747-DCA, cache-dca17770-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 20:33:02 GMT
server: cloudinary
x-timer: S1608923124.444164,VS0,VE0
etag: "1d739ea2355951ff73202bfdd5cc103a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 01c55834913eb5d789c845bd4d667e37e61f59d5efd28dc7bc81ca0c306a1721

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 641085
edge-cache-tag: 397453652855030834564860938788755651292,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
content-length: 12451
x-request-id: ecda724818b682b98836e9be7a63f233
x-served-by: cache-dca17779-DCA, cache-dca17782-DCA, cache-fra19166-FRA
last-modified: Thu, 17 Dec 2020 20:18:31 GMT
server: cloudinary
x-timer: S1608923124.459600,VS0,VE0
etag: "e82892fc1439fa70043d339393ed986e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4

POST
H2 204 bulk Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 1347 0
409 B 31ms
31ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.281616,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 1347 0
409 B 32ms
31ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.284204,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e96ce13bc63388ee4b7cebc2c1c7b91fd1a5df8c8487c21b89a37ec23bfce8b4

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1772753
edge-cache-tag: 345703844043356264111475524258613762013,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
content-length: 6717
x-request-id: da5af7af160ee2caeda0ef29ce3e8d1a
x-served-by: cache-dca17768-DCA, cache-dca17776-DCA, cache-fra19166-FRA
last-modified: Fri, 04 Dec 2020 11:25:21 GMT
server: cloudinary
x-timer: S1608923124.467472,VS0,VE0
etag: "2fef5a612947693abac34c370d888c1d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4bd26468a2ea689e8809e8f8b2af4aa6e908ba18f7bbef42114c1eb1ad9f5ec1

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1823012
edge-cache-tag: 461876095686670384401610559578852227500,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
content-length: 10732
x-served-by: cache-dca17759-DCA, cache-dca17774-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 12:39:34 GMT
server: cloudinary
x-timer: S1608923124.483228,VS0,VE0
etag: "bcd3f8d0a32e0de561d56c7015ae772e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6d3b58872603b9f4e7adad9aa362fa471defaa1e660d3c526e268371e9bcea36

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1301865
edge-cache-tag: 467337849910430526017171593061685654671,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
content-length: 10888
x-request-id: 439613bd2ab080b10b07c119e79bb2b0
x-served-by: cache-dca17738-DCA, cache-dca17739-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 22:13:29 GMT
server: cloudinary
x-timer: S1608923124.490789,VS0,VE0
etag: "937d5b97ee134cd210465497f24a0338"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d2e2932a4dfb5725fd77c2c4a66d35d.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 33a9bdc21470d5848b4a8ef6bcd1159e7f5d3bc8a43fce9ab4553191148f2799

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 961270
edge-cache-tag: 491567243346629010938073988898900300089,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 03 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d2e2932a4dfb5725fd77c2c4a66d35d.png
content-length: 6682
x-served-by: cache-dca17730-DCA, cache-dca17735-DCA, cache-fra19166-FRA
last-modified: Thu, 03 Dec 2020 11:43:58 GMT
server: cloudinary
x-timer: S1608923125.506711,VS0,VE0
etag: "a039ed3784728019f3eb012ad9fa2de8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

POST
H2 204 bulk Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 4375 0
409 B 31ms
31ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.334822,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 4375 0
57 B 31ms
31ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.336674,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 660d4bbe03d8b537b7701ab78865a50c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 7 KB
7 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e96ce13bc63388ee4b7cebc2c1c7b91fd1a5df8c8487c21b89a37ec23bfce8b4

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1772753
edge-cache-tag: 345703844043356264111475524258613762013,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
content-length: 6717
x-request-id: da5af7af160ee2caeda0ef29ce3e8d1a
x-served-by: cache-dca17768-DCA, cache-dca17776-DCA, cache-fra19166-FRA
last-modified: Fri, 04 Dec 2020 11:25:21 GMT
server: cloudinary
x-timer: S1608923125.514345,VS0,VE0
etag: "2fef5a612947693abac34c370d888c1d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4

GET
H2 200 02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 7 KB
8 KB 22ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9da207cf23084ccc3d338b41bc1783517e4c5129e49477532b43fe06d55fdb90

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1916719
edge-cache-tag: 521778653778381575419163598542051924527,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
content-length: 7653
x-served-by: cache-dca17747-DCA, cache-dca17770-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 20:33:02 GMT
server: cloudinary
x-timer: S1608923125.529902,VS0,VE0
etag: "1d739ea2355951ff73202bfdd5cc103a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5

GET
H2 200 6e8840569dace49ce9334ca535788561.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 12 KB
13 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 01c55834913eb5d789c845bd4d667e37e61f59d5efd28dc7bc81ca0c306a1721

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 641085
edge-cache-tag: 397453652855030834564860938788755651292,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
content-length: 12451
x-request-id: ecda724818b682b98836e9be7a63f233
x-served-by: cache-dca17779-DCA, cache-dca17782-DCA, cache-fra19166-FRA
last-modified: Thu, 17 Dec 2020 20:18:31 GMT
server: cloudinary
x-timer: S1608923125.537406,VS0,VE0
etag: "e82892fc1439fa70043d339393ed986e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5

GET
H2 200 97eaaf3ee1b9820348e7d5d26709c934.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 10 KB
11 KB 23ms
23ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4bd26468a2ea689e8809e8f8b2af4aa6e908ba18f7bbef42114c1eb1ad9f5ec1

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1823012
edge-cache-tag: 461876095686670384401610559578852227500,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
content-length: 10732
x-served-by: cache-dca17759-DCA, cache-dca17774-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 12:39:34 GMT
server: cloudinary
x-timer: S1608923125.544686,VS0,VE0
etag: "bcd3f8d0a32e0de561d56c7015ae772e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 5

GET
H2 200 6b58272e859161a9eb867eebd0a19039.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 11 KB
11 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6d3b58872603b9f4e7adad9aa362fa471defaa1e660d3c526e268371e9bcea36

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1301865
edge-cache-tag: 467337849910430526017171593061685654671,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
content-length: 10888
x-request-id: 439613bd2ab080b10b07c119e79bb2b0
x-served-by: cache-dca17738-DCA, cache-dca17739-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 22:13:29 GMT
server: cloudinary
x-timer: S1608923125.552893,VS0,VE0
etag: "937d5b97ee134cd210465497f24a0338"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 5

GET
H2 200 4d2e2932a4dfb5725fd77c2c4a66d35d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5FE2 7 KB
7 KB 24ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d2e2932a4dfb5725fd77c2c4a66d35d.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 33a9bdc21470d5848b4a8ef6bcd1159e7f5d3bc8a43fce9ab4553191148f2799

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 961270
edge-cache-tag: 491567243346629010938073988898900300089,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 03 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d2e2932a4dfb5725fd77c2c4a66d35d.png
content-length: 6682
x-served-by: cache-dca17730-DCA, cache-dca17735-DCA, cache-fra19166-FRA
last-modified: Thu, 03 Dec 2020 11:43:58 GMT
server: cloudinary
x-timer: S1608923125.560959,VS0,VE0
etag: "a039ed3784728019f3eb012ad9fa2de8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4

POST
H2 204 bulk Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 40BF 0
57 B 33ms
32ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.417834,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 40BF 0
409 B 32ms
31ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923124.418667,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 660d4bbe03d8b537b7701ab78865a50c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 7 KB
7 KB 25ms
23ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e96ce13bc63388ee4b7cebc2c1c7b91fd1a5df8c8487c21b89a37ec23bfce8b4

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1772753
edge-cache-tag: 345703844043356264111475524258613762013,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/660d4bbe03d8b537b7701ab78865a50c.jpg
content-length: 6717
x-request-id: da5af7af160ee2caeda0ef29ce3e8d1a
x-served-by: cache-dca17768-DCA, cache-dca17776-DCA, cache-fra19166-FRA
last-modified: Fri, 04 Dec 2020 11:25:21 GMT
server: cloudinary
x-timer: S1608923125.560960,VS0,VE0
etag: "2fef5a612947693abac34c370d888c1d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5

GET
H2 200 02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 7 KB
8 KB 26ms
24ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9da207cf23084ccc3d338b41bc1783517e4c5129e49477532b43fe06d55fdb90

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1916719
edge-cache-tag: 521778653778381575419163598542051924527,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c1c5a78fe7e055fc9f5c99b2ead6a9.jpg
content-length: 7653
x-served-by: cache-dca17747-DCA, cache-dca17770-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 20:33:02 GMT
server: cloudinary
x-timer: S1608923125.561166,VS0,VE0
etag: "1d739ea2355951ff73202bfdd5cc103a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 6

GET
H2 200 6e8840569dace49ce9334ca535788561.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 12 KB
13 KB 24ms
23ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 01c55834913eb5d789c845bd4d667e37e61f59d5efd28dc7bc81ca0c306a1721

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 641085
edge-cache-tag: 397453652855030834564860938788755651292,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e8840569dace49ce9334ca535788561.jpg
content-length: 12451
x-request-id: ecda724818b682b98836e9be7a63f233
x-served-by: cache-dca17779-DCA, cache-dca17782-DCA, cache-fra19166-FRA
last-modified: Thu, 17 Dec 2020 20:18:31 GMT
server: cloudinary
x-timer: S1608923125.561135,VS0,VE0
etag: "e82892fc1439fa70043d339393ed986e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 6

GET
H2 200 97eaaf3ee1b9820348e7d5d26709c934.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 10 KB
11 KB 23ms
22ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4bd26468a2ea689e8809e8f8b2af4aa6e908ba18f7bbef42114c1eb1ad9f5ec1

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1823012
edge-cache-tag: 461876095686670384401610559578852227500,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 27 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eaaf3ee1b9820348e7d5d26709c934.png
content-length: 10732
x-served-by: cache-dca17759-DCA, cache-dca17774-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 12:39:34 GMT
server: cloudinary
x-timer: S1608923125.568089,VS0,VE0
etag: "bcd3f8d0a32e0de561d56c7015ae772e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 6

GET
H2 200 6b58272e859161a9eb867eebd0a19039.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1312 11 KB
11 KB 25ms
25ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6d3b58872603b9f4e7adad9aa362fa471defaa1e660d3c526e268371e9bcea36

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1301865
edge-cache-tag: 467337849910430526017171593061685654671,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b58272e859161a9eb867eebd0a19039.jpg
content-length: 10888
x-request-id: 439613bd2ab080b10b07c119e79bb2b0
x-served-by: cache-dca17738-DCA, cache-dca17739-DCA, cache-fra19166-FRA
last-modified: Thu, 26 Nov 2020 22:13:29 GMT
server: cloudinary
x-timer: S1608923125.577552,VS0,VE0
etag: "937d5b97ee134cd210465497f24a0338"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d38cf987f8e5b892244668e70cb9815b.jpg
Requested by: Host: secure01b-bbt.webcindario.com
URL: https://secure01b-bbt.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8703ce95186738b9b9bb9525d5759f94a3aa1660124d5d8df6e79d696d505ed8

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 48973
edge-cache-tag: 525835232324056677396052667859359728272,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d38cf987f8e5b892244668e70cb9815b.jpg
content-length: 4866
x-request-id: 7411e782efc0176b1326aaf56f05d27c
x-served-by: cache-dca17746-DCA, cache-dca17746-DCA, cache-fra19166-FRA
last-modified: Fri, 11 Dec 2020 08:07:55 GMT
server: cloudinary
x-timer: S1608923125.586750,VS0,VE0
etag: "2c461a7e4a8f6c4d61d0da2db2fbf594"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1

POST
H2 204 visible Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/ Frame 74E4 0
62 B 47ms
46ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 24
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923125.837597,VS0,VE24
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/ Frame 74E4 0
409 B 45ms
44ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923125.851086,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/ Frame 5FE2 0
85 B 31ms
31ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923125.858416,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/ Frame 5FE2 0
61 B 40ms
39ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 17
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923125.860918,VS0,VE17
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/ Frame 1312 0
57 B 32ms
32ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923125.912468,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/ Frame 1312 0
61 B 40ms
39ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 18
pragma: no-cache
date: Fri, 25 Dec 2020 19:05:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608923125.915698,VS0,VE18
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure01b-bbt.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1

204
No Content

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEYwMkU5MjItQ0ZFRi00RkI3LThCMkUtMzM0NUFDRTc3NjhG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
507 B

23ms
22ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 19:05:25 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 25 Dec 2020 19:05:25 GMT
X-lat: Pug23034:0:283
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
X-Cnection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 398

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIpO05IW9CtEK2NV0QxDFH4&google_cver=1

43 B
114 B

26ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIpO05IW9CtEK2NV0QxDFH4&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://secure01b-bbt.webcindario.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:25 GMT
via: 1.1 google
server: OXGW/16.199.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Dec 2020 19:05:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIpO05IW9CtEK2NV0QxDFH4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/464/146/1/7.gif?puid=4c434b91-c71f-4566-a83c-d28f916059f8&gdpr=1&gdpr_consent=

Domain: rtb.gumgum.com
URL: https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F0%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: id5-sync.com
URL: https://id5-sync.com/c/464/485/0/8.gif?puid=30582427864988804148535671688645960914&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Royal Mail (Government)

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.secure01b-bbt.webcindario.com/	1970-01-19 14:55:23	Name: _gat_UA-597118-7 Value: 1
.secure01b-bbt.webcindario.com/	1970-01-19 14:56:49	Name: _gid Value: GA1.3.1972664269.1608923112
.secure01b-bbt.webcindario.com/	1970-01-20 08:26:35	Name: _ga Value: GA1.3.1895500992.1608923112
.secure01b-bbt.webcindario.com/	1970-01-19 14:55:23	Name: _gat_UA-597118-1 Value: 1
.webcindario.com/	1970-01-25 20:31:23	Name: __muid Value: 92a1dc2d82e0b4155681145218e90ef90abd6dae

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4(Line 4) Message: [43m%s[0m Send completed [object Object]
console-api	log	URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=(Line 1) Message: %c [object HTMLImageElement]
console-api	warning	URL: https://secure01b-bbt.webcindario.com/(Line 133) Message: USP is not accessible
console-api	log	(Line 6) Message: element .item-label-href arrived
console-api	log	(Line 6) Message: element .item-label-href arrived
console-api	log	(Line 6) Message: element .item-label-href arrived
console-api	warning	URL: https://secure01b-bbt.webcindario.com/(Line 133) Message: USP is not accessible

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad.doubleclick.net
ads.projectagoraservices.com
adx.adform.net
bh.contextweb.com
bttrack.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
cm.smadex.com
d.agkn.com
des.smartclip.net
dis.criteo.com
dsp.adkernel.com
e1.emxdgt.com
eu-u.openx.net
hbopenbid.pubmatic.com
hosting.miarroba.info
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image8.pubmatic.com
images.taboola.com
img.sunmediaads.com
js.agkn.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.taboola.com
ml314.com
mwzeom.zeotap.com
odr.mookie1.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
play.sunmediaads.com
prg.smartadserver.com
prod.perf-serving.com
projectagora-483829-hdb.adomik.com
projectagora-d.openx.net
projectagora.net
quantcast.mgr.consensu.org
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.c.appier.net
secure.quantserve.com
secure01b-bbt.webcindario.com
services.sunmedia.tv
servingcdn.net
simage2.pubmatic.com
static.sunmedia.tv
stats.g.doubleclick.net
sync-t1.taboola.com
sync.1dmp.io
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.taboola.com
tags.bluekai.com
track.sunmedia.tv
trc.taboola.com
u.ipw.metadsp.co.uk
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.storygize.net
x.bidswitch.net
id5-sync.com
rtb.gumgum.com
104.111.246.202
136.144.49.28
136.243.148.229
139.162.58.205
141.226.224.32
141.226.228.48
151.101.13.44
159.69.60.133
172.217.23.102
174.137.133.49
178.250.2.151
18.185.180.173
18.195.155.181
18.195.240.234
185.29.135.42
185.64.189.112
185.64.190.79
185.64.190.80
185.86.137.131
185.86.139.59
192.132.33.46
198.148.27.139
212.92.55.6
216.52.2.39
216.58.212.162
2600:9000:206f:aa00:15:efbc:e300:93a1
2600:9000:2127:400:6:44e3:f8c0:93a1
2600:9000:2156:9200:9:46dc:4700:93a1
2606:4700:10::6816:1857
2606:4700:20::681a:dc8
2606:4700:3035::6812:3c5e
2606:4700::6810:135e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:814::2004
2a00:1450:4001:819::2002
2a00:1450:4001:820::200e
2a00:1450:400c:c0c::9d
2a02:26f0:64::210:6b1a
3.120.162.24
3.121.50.79
3.124.119.192
3.126.56.137
3.131.72.148
34.120.207.148
34.240.209.250
34.253.64.195
34.98.64.218
34.98.67.61
35.161.8.247
35.176.88.2
35.210.239.72
37.157.6.246
37.252.172.38
5.57.226.202
51.210.112.236
51.89.234.150
52.17.253.7
52.49.20.76
54.171.173.220
54.88.18.91
65.9.96.27
69.173.144.139
89.255.248.54
01c55834913eb5d789c845bd4d667e37e61f59d5efd28dc7bc81ca0c306a1721
04ce9b19e5c5db3f9d52fba0c5ef6836cb465c6a61573a962fa952ae9835d16e
051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c65b4d69236ad985c34fecde481df06a177969c63083692935a17525c47cab7
11a96bafc89b47647ee18ddb1c4ab1083a83062ae6e324636db5b5184e522ebb
1a5721d954022cfe95c265712b15f6a5c00deb666779162112ba297d5c64b019
1b7b30e5d39ee70ff4346e1a6866466a63ac691d2d47233c35b0a739666f2920
2087a4e9d8db7289c982949c16f28e5d36d4e14def7dc6126b7ec154c4036bf9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
33783ebe3b85449f292389f603bf1d95cecefb03ad3ba36a78527c6a6af42506
33a9bdc21470d5848b4a8ef6bcd1159e7f5d3bc8a43fce9ab4553191148f2799
34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2
3570c0b18a3cf142208724ae1e4d802394bed4fc5c2cd1ebaa37f9ca0379671f
365365fe04f0a45a2ace05b4e47705eb0a9cdbc9a91310673efa51a0e2771e63
37fe35111d7c5111b64cb763dee7012e6d745754661a8873fe00c447e0b05b33
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0bcd618a7d3c5da442f97ae65f9ebb16fe2cfb0a6f8f65861db5e3285e2ef6
436260ec7b1acf3af87e7e2e8afd28cef5c66bc601f76e5e1932b521786f446b
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
43b9d30c68e6583a9fd1779713362522eb175ccb318e252387f3e955156acee6
43be4c490263685dbe90bd202cc46cbb42269c0c446df4ccd620b80a7250aa9a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6b8041e1825b26316a0c83a84a6f0b6478d915a5ec768e58a616c1c26adbd4
4bd26468a2ea689e8809e8f8b2af4aa6e908ba18f7bbef42114c1eb1ad9f5ec1
4d6162cb417633e25e6d0793bfad0073a7e979c26b20d79a1db660a5e1dc829b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed9d4f92980f75122bf4a9900e32f30c98d3cd92083578b50f977337e9b5887
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
620c53ec2b581b075b9003f2ec873fd8148dd5abbadd6b1fcefd0f83ef234c08
688d136306f3b37ca1bb0fff96c65d0e6fb1f23ed44c1873d5afe8b7dbbcad28
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d3b58872603b9f4e7adad9aa362fa471defaa1e660d3c526e268371e9bcea36
6e32828af19e5c6008e0b3a70816154d630da686054cd315ba9d2df96ea30739
6f5d526c6f8223bf31c049316789622f8ea942e3f74d2578c25ea5ea52d21480
762dea92c558768a1b330ae7f2c91e4c93b42644627a097beab3c10f84a70f0d
7bf7d0b79da16e80aab5ad05b46cbc46e461eb3554fb9a0462a0fba3dfa91ab7
7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8703ce95186738b9b9bb9525d5759f94a3aa1660124d5d8df6e79d696d505ed8
8987c2c672aeb5cf90cd8ca132242fba777264a0e9d355c85bc72c65e14fa72d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8
9972169f999912ceec5c30e2ab137849f9814b1e89f7ccffc34f77960ab24e44
9da207cf23084ccc3d338b41bc1783517e4c5129e49477532b43fe06d55fdb90
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ae54018f777765f8c4ae2511b16af69d01f891eecb7b1ae01955ef2369c625e4
af5a8f6c64a181e0ccf8a4168aae045faca88c8c61e5bde24c657a9f22067c9a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835
b3c139af9f5317dd4721da555d325dce2e70e82c66a71999b7f9c643db4d98fa
c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cac1cffb1f7ee381952ac307a2390f184712b5b7a22b66b82c6e75e376957aea
cc9fb73b14fad55cd992a089faa6c45d2b2c1b0af1d3b715a8f774a7fe0e9e1c
ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719
d01011b2cd6d2dc19be6656227818d464428aafc2ef619fb6ebb3cce9d32f46e
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd
d473b28534c5c4f5392e248e29d83238211e06dfe8f004d18d82e530bb6b3dce
d76cc60f0972cd43f90f0ee51846797c65b09dd1d2ed0435263401133a25a159
da3e44c512dcca7b2f1022af09bac0ce9771c28aaf33d9e8681255ec016093d4
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e5c39ad732b2bd59a4f7fcfba22b111b16b5e2136937259a7a9a12e62b345020
e96ce13bc63388ee4b7cebc2c1c7b91fd1a5df8c8487c21b89a37ec23bfce8b4
ea1016daa8463fb67914a198f8cb8403d90e4fa381b9fcd5a195947aa01bc4ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef913f1b1f2132ba1e2ec53822307ae9fec4f6689efed38796061f49dc4ba8e8
f33f8c271b704a3a06db5ef14daa0a3b18e35643df7678ca1128e7500dc5728f
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

secure01b-bbt.webcindario.com Open in urlscan Pro 5.57.226.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

274 Requests

99 %HTTPS

23 %IPv6

56 Domains

76 Subdomains

53 IPs

11 Countries

3257 kBTransfer

6358 kBSize

5 Cookies

0 Outgoing links

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure01b-bbt.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

99 %
HTTPS

23 %
IPv6

56
Domains

76
Subdomains

53
IPs

11
Countries

3257 kB
Transfer

6358 kB
Size

5
Cookies

274 HTTP transactions
0 data transactions