loged.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cuturl.net/TQgYkY
Effective URL:
https://loged.webcindario.com/l-o-g/session/app/signin.php
Submission Tags: phishing malicious Search All
Submission: On December 29 via api (December 29th 2020, 12:27:47 am UTC) from US

Summary HTTP 254 Redirects Behaviour Indicators

Summary

This website contacted 47 IPs in 13 countries across 52 domains to perform 254 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is loged.webcindario.com.
TLS certificate: Issued by R3 on December 7th 2020. Valid for: 3 months.

This is the only time loged.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	139.180.217.94 139.180.217.94	20473 (AS-CHOOPA) (AS-CHOOPA)
4	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
2	2606:4700:20:... 2606:4700:20::681a:cc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:214f:8600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	54.194.51.120 54.194.51.120	16509 (AMAZON-02) (AMAZON-02)
1	89.255.248.54 89.255.248.54	60626 (LEASEWEBCDN) (LEASEWEBCDN)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:3000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	212.92.55.6 212.92.55.6	24592 (NEXICA-AS) (NEXICA-AS)
5	51.89.99.150 51.89.99.150	16276 (OVH) (OVH)
1	3.138.133.95 3.138.133.95	16509 (AMAZON-02) (AMAZON-02)
1	51.89.64.207 51.89.64.207	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:10:... 2a02:26f0:10::5c7a:d4e0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3035::6812:3c5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:214f:ae00:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	159.69.72.190 159.69.72.190	24940 (HETZNER-AS) (HETZNER-AS)
1	52.57.98.174 52.57.98.174	16509 (AMAZON-02) (AMAZON-02)
9	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
6	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.86.139.95 185.86.139.95	201081 (SMARTADSE...) (SMARTADSERVER)
6	37.157.2.235 37.157.2.235	198622 (ADFORM) (ADFORM)
6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
80	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2	34.255.253.25 34.255.253.25	16509 (AMAZON-02) (AMAZON-02)
4 4	3.121.49.210 3.121.49.210	16509 (AMAZON-02) (AMAZON-02)
6 19	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 6	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
3 6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
3 3	52.31.46.99 52.31.46.99	16509 (AMAZON-02) (AMAZON-02)
1 4	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 3	54.149.132.44 54.149.132.44	16509 (AMAZON-02) (AMAZON-02)
3	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
3 3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	172.105.221.29 172.105.221.29	63949 (LINODE-AP...) (LINODE-AP Linode)
3	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	52.57.142.16 52.57.142.16	16509 (AMAZON-02) (AMAZON-02)
1 1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
2 4	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
3	104.111.246.202 104.111.246.202	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3 3	52.29.85.133 52.29.85.133	16509 (AMAZON-02) (AMAZON-02)
3 6	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET)
254	47

1 139.180.217.94 (Singapore, Singapore) 1 redirects

ASN20473 (AS-CHOOPA, US)

cuturl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

loged.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:cc8 (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

beltornado2020.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.51.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-51-120.eu-west-1.compute.amazonaws.com

des.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.255.248.54 (Netherlands)

ASN60626 (LEASEWEBCDN, NL)

img.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:3000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.92.55.6 (Spain)

ASN24592 (NEXICA-AS, ES)
PTR: unamed.nexica.net

play.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.99.150 (France)

ASN16276 (OVH, FR)
PTR: ns3163893.ip-51-89-99.eu

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.138.133.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-138-133-95.us-east-2.compute.amazonaws.com

servingcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.64.207 (France)

ASN16276 (OVH, FR)
PTR: ns3168032.ip-51-89-64.eu

services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:10::5c7a:d4e0 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

ads.projectagoraservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6812:3c5e (United States)

ASN13335 (CLOUDFLARENET, US)

projectagora.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:ae00:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.72.190 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cm022.richaudience.com

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.98.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-98-174.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.33.221.15 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

projectagora-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 199.232.137.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.253.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-253-25.eu-west-1.compute.amazonaws.com

projectagora-483829-hdb.adomik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.121.49.210 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 141.226.228.48 (Netherlands) 6 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.148.27.139 (New York, United States) 3 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.46.99 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.39 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.149.132.44 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.105.221.29 (Japan) 3 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-29.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.142.16 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-142-16.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Germany) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.30.140.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.246.202 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-246-202.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.67.61 (United States)

ASN15169 (GOOGLE, US)

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.85.133 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-85-133.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 147.75.102.200 (Central, Hong Kong) 3 redirects

ASN54825 (PACKET, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
101	taboola.com 6 redirects cdn.taboola.com trc.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com images.taboola.com	1 MB
9	pubmatic.com hbopenbid.pubmatic.com simage2.pubmatic.com	3 KB
9	adnxs.com ib.adnxs.com	7 KB
9	doubleclick.net 4 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
6	exelator.com 3 redirects loadm.exelator.com	5 KB
6	zeotap.com mwzeom.zeotap.com	2 KB
6	contextweb.com 3 redirects bh.contextweb.com	2 KB
6	openx.net projectagora-d.openx.net	2 KB
6	adform.net adx.adform.net c1.adform.net Failed	3 KB
6	smartadserver.com prg.smartadserver.com rtb-csync.smartadserver.com	3 KB
6	projectagoraservices.com ads.projectagoraservices.com	30 KB
6	sunmedia.tv static.sunmedia.tv services.sunmedia.tv track.sunmedia.tv	60 KB
5	agkn.com 3 redirects js.agkn.com d.agkn.com aa.agkn.com	4 KB
4	crwdcntrl.net sync.crwdcntrl.net Failed	2 KB
4	lijit.com 1 redirects ce.lijit.com	3 KB
4	mfadsrvr.com 4 redirects rtb.mfadsrvr.com	2 KB
4	webcindario.com loged.webcindario.com	43 KB
3	mookie1.com odr.mookie1.com	318 B
3	bluekai.com tags.bluekai.com	986 B
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	bttrack.com bttrack.com	1 KB
3	appier.net 3 redirects s.c.appier.net	1 KB
3	criteo.com 3 redirects dis.criteo.com	1 KB
3	emxdgt.com e1.emxdgt.com	297 B
3	adkernel.com dsp.adkernel.com	699 B
3	storygize.net 3 redirects www.storygize.net	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	rubiconproject.com pixel.rubiconproject.com	717 B
3	google-analytics.com www.google-analytics.com	19 KB
2	adomik.com projectagora-483829-hdb.adomik.com	206 B
2	google.de www.google.de	612 B
2	google.com www.google.com	612 B
2	sunmediaads.com img.sunmediaads.com play.sunmediaads.com	33 KB
2	miarroba.info hosting.miarroba.info	1 KB
1	admixer.net 1 redirects inv-nets.admixer.net	558 B
1	richaudience.com sync.richaudience.com	3 KB
1	projectagora.net projectagora.net	78 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	servingcdn.net servingcdn.net	9 KB
1	quantcount.com rules.quantcount.com	357 B
1	quantserve.com secure.quantserve.com	9 KB
1	smartclip.net des.smartclip.net
1	blogspot.com beltornado2020.blogspot.com
1	googletagmanager.com www.googletagmanager.com	41 KB
1	consensu.org quantcast.mgr.consensu.org
1	cuturl.net 1 redirects cuturl.net	525 B
0	advertising.com Failed pixel.advertising.com Failed
0	1dmp.io Failed sync.1dmp.io Failed
0	ml314.com Failed ml314.com Failed
0	onaudience.com Failed pixel.onaudience.com Failed
0	liadm.com Failed i.liadm.com Failed
0	rfihub.com Failed p.rfihub.com Failed
254	52

	Domain	Requested by
36	cdn.taboola.com	loged.webcindario.com cdn.taboola.com
24	trc.taboola.com	cdn.taboola.com
17	images.taboola.com	cdn.taboola.com loged.webcindario.com
15	sync.taboola.com	6 redirects
9	ib.adnxs.com	projectagora.net cdn.taboola.com
7	cm.g.doubleclick.net	4 redirects
6	loadm.exelator.com	3 redirects
6	mwzeom.zeotap.com	cdn.taboola.com
6	bh.contextweb.com	3 redirects
6	projectagora-d.openx.net	projectagora.net
6	adx.adform.net	projectagora.net
6	hbopenbid.pubmatic.com	projectagora.net
6	ads.projectagoraservices.com	cdnjs.cloudflare.com
4	sync.crwdcntrl.net
4	sync-t1.taboola.com
4	ce.lijit.com	1 redirects
4	rtb.mfadsrvr.com	4 redirects
4	static.sunmedia.tv	loged.webcindario.com static.sunmedia.tv
4	loged.webcindario.com	loged.webcindario.com
3	aa.agkn.com	3 redirects
3	odr.mookie1.com	cdn.taboola.com
3	tags.bluekai.com	cdn.taboola.com
3	x.bidswitch.net	3 redirects
3	bttrack.com	cdn.taboola.com
3	s.c.appier.net	3 redirects
3	dis.criteo.com	3 redirects
3	e1.emxdgt.com
3	dsp.adkernel.com	cdn.taboola.com
3	rtb-csync.smartadserver.com
3	www.storygize.net	3 redirects
3	match.adsrvr.org	3 redirects
3	simage2.pubmatic.com
3	pixel.rubiconproject.com	cdn.taboola.com
3	match.taboola.com
3	prg.smartadserver.com	projectagora.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cds.taboola.com
2	projectagora-483829-hdb.adomik.com
2	www.google.de	loged.webcindario.com
2	www.google.com	loged.webcindario.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	hosting.miarroba.info	loged.webcindario.com
1	inv-nets.admixer.net	1 redirects
1	d.agkn.com	js.agkn.com
1	track.sunmedia.tv
1	sync.richaudience.com	loged.webcindario.com
1	js.agkn.com	loged.webcindario.com
1	projectagora.net	ads.projectagoraservices.com
1	cdnjs.cloudflare.com	servingcdn.net
1	services.sunmedia.tv	static.sunmedia.tv
1	servingcdn.net	img.sunmediaads.com
1	play.sunmediaads.com	img.sunmediaads.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.googletagmanager.com
1	img.sunmediaads.com	loged.webcindario.com
1	des.smartclip.net	loged.webcindario.com
1	beltornado2020.blogspot.com	loged.webcindario.com
1	www.googletagmanager.com	loged.webcindario.com
1	quantcast.mgr.consensu.org	loged.webcindario.com
1	cuturl.net	1 redirects
0	pixel.advertising.com Failed	cdn.taboola.com
0	sync.1dmp.io Failed	cdn.taboola.com
0	ml314.com Failed	cdn.taboola.com
0	pixel.onaudience.com Failed	cdn.taboola.com
0	i.liadm.com Failed	cdn.taboola.com
0	p.rfihub.com Failed
0	c1.adform.net Failed
254	67

This site contains no links.

Subject Issuer	Validity	Valid
webcindario.com R3	`2020-12-07` - `2021-03-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.smartclip.net Amazon	`2020-02-29` - `2021-03-29`	a year	crt.sh
leadzuin.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-13` - `2021-07-13`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.sunmedia.tv COMODO RSA Domain Validation Secure Server CA	`2018-01-19` - `2021-01-18`	3 years	crt.sh
servingcdn.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-11-06`	a year	crt.sh
paadserver.projectagora.info R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.adomik.com Gandi Standard SSL CA 2	`2020-02-13` - `2021-03-05`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://loged.webcindario.com/l-o-g/session/app/signin.php
Frame ID: 4FCF7A30BF3444862A35C6AB5A272185
Requests: 68 HTTP requests in this frame

Frame: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 4452A5E9B41A908A2E9FF42B3B8B9B6E
Requests: 1 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=739090663&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 8D9428B7E5E4C2F9B1FC8548DA1A5C33
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Frame ID: 10088C229185CE44000CB5FF9274FF67
Requests: 11 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Frame ID: 9559282883D824BE6FEAC474FAFF7424
Requests: 32 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Frame ID: 1981657DBAF46EDE6D4789B655524309
Requests: 12 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Frame ID: 264A6BA3A97EE566C7F84F0B5A61E77A
Requests: 12 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Frame ID: 70AC9B2A7A7ECD95784FB411A6A3EB26
Requests: 31 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Frame ID: 42056DE346B309BAA2C713EC786A9FC5
Requests: 26 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0
Frame ID: 6C2F9571410FC5ADE8B504CDBBFEB805
Requests: 20 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0
Frame ID: B016BD1E55261A7B1DE1CF4E17E683B3
Requests: 20 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0
Frame ID: 7021D26978E3D02D86B18BDFD23D35F8
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cuturl.net/TQgYkY HTTP 301
https://loged.webcindario.com/l-o-g/session/app/signin.php Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

254
Requests

83 %
HTTPS

29 %
IPv6

52
Domains

67
Subdomains

47
IPs

13
Countries

1406 kB
Transfer

4603 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cuturl.net/TQgYkY HTTP 301
https://loged.webcindario.com/l-o-g/session/app/signin.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0

Request Chain 89

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Unm6eA9qrpYH&ev=1&orig=trc&pid=562107

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1

Request Chain 93

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&google_tc=

Request Chain 94

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a

Request Chain 95

https://ce.lijit.com/merge?pid=42&3pid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 97

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 101

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06

Request Chain 102

https://id5-sync.com/s/464/9.gif?puid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=1&gdpr_consent= HTTP 302
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D&bounce=1&random=914925377 HTTP 302
https://id5-sync.com/cq/464/100/6/2.gif?puid=hVgPz0Q2dF0.SxFu/zfea.&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/5/3.gif?puid=a9647203-496c-11eb-8a69-4add20e737cf&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOjGx4OIQ8i2Zhw6746oDhai58DDsnPj7hoL8nQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F4%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOjGx4OIQ8i2Zhw6746oDhai58DDsnPj7hoL8nQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F4%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/4/4.gif?puid=a800399b-2fc2-4716-b228-dca238b38801&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/3/5.gif?puid=e_609b1107-712b-4b8b-96ed-df0cf04a9005&gdpr=1&gdpr_consent= HTTP 302
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F2%2F6.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F2%2F6.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
https://id5-sync.com/c/464/9/2/6.gif?puid=io2w7h2oQQMmSVXcaIJ_gOVJcLanbeDUi0iq0A5cfFk&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Request Chain 103

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xEo8EU5oBsejLr3x_XfqXw

Request Chain 106

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtaboola%26bsw_param%3Da810fd3f-3ce2-413d-a368-c7241c555583%26gdpr%3D0%26consent%3D%26gdpr_pd%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=4031e4830c4745d9b6e6e632012d0f78&ssp=taboola&bsw_param=a810fd3f-3ce2-413d-a368-c7241c555583&gdpr=0&consent=&gdpr_pd= HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a810fd3f-3ce2-413d-a368-c7241c555583

Request Chain 107

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0

Request Chain 109

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kHiNSGE9f4lv&ev=1&orig=trc&pid=562107

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1

Request Chain 112

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Request Chain 113

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a

Request Chain 115

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06

Request Chain 116

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=bB6PmaIMB_uYdtle_XfqXw

Request Chain 118

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola

Request Chain 125

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 128

https://id5-sync.com/s/464/9.gif?puid=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/6/2.gif?puid=a9647203-496c-11eb-8a69-4add20e737cf&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOjGx4OIQ8i2Zhw6746oDhai58DDsnPj7hoL8nQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOjGx4OIQ8i2Zhw6746oDhai58DDsnPj7hoL8nQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/5/3.gif?puid=a800399b-2fc2-4716-b228-dca238b38801&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/4/4.gif?puid=e_fc5b37e3-8c17-45cb-825a-441a8fcac875&gdpr=1&gdpr_consent= HTTP 302
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
https://id5-sync.com/c/464/9/3/5.gif?puid=xdzEsyDZaRmSFvQjckMk8jcxxEzG3nFtk0VzUP9D_nU&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/2/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/2/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Request Chain 132

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0

Request Chain 134

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=DkFEPrXjcVHD&ev=1&orig=trc&pid=562107

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1

Request Chain 137

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Request Chain 138

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a

Request Chain 140

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06

Request Chain 141

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=p0iBmgapC3apTeQZ_XfqXw

Request Chain 143

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola

Request Chain 150

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 153

https://id5-sync.com/s/464/9.gif?puid=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F6%2F2.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F6%2F2.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
https://id5-sync.com/c/464/9/6/2.gif?puid=kteCh3ZcQAiu9WRtKV2qHIt9Fdx9vbG_5eOdy-hX89U&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Request Chain 167

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Request Chain 171

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960803650000018722

Request Chain 176

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1

Request Chain 180

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Request Chain 184

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960903650000018765

Request Chain 189

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1

Request Chain 200

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Request Chain 204

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960803650000018722

Request Chain 209

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c HTTP 302
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1

254 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin.php Show response
loged.webcindario.com/l-o-g/session/app/
Redirect Chain

https://cuturl.net/TQgYkY
https://loged.webcindario.com/l-o-g/session/app/signin.php

15 KB
5 KB

364ms
272ms

Document
text/html

5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 5e1550d5b62e5db0901cd4c864141cd31e85d73b54c9f668f185d909b5ce5c42

Request headers

:method: GET
:authority: loged.webcindario.com
:scheme: https
:path: /l-o-g/session/app/signin.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Tue, 29 Dec 2020 00:27:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: __muid=ec0941941e52cb0336478c5c03f9a358f5146b88; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly PHPSESSID=6535958670faff60be0b338a9e20a979; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: Webcindario Hosting Service
content-encoding: gzip

Redirect headers

set-cookie: AppSession=k2n93fjeucvusqtf7ng23hq9b0; path=/; HttpOnly csrfToken=168af6e21ee740d796af6cbe94c135ec242b06323b5dc4df62820107fb3a304c92523c520167198b4d78d74137bd74564773e795a68211e0883b909a2df958a9; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
location: https://loged.webcindario.com/l-o-g/session/app/signin.php
content-length: 0
date: Tue, 29 Dec 2020 00:27:25 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 login.css
loged.webcindario.com/l-o-g/session/assets/css/ 16 KB
3 KB 2035ms
2034ms Stylesheet
text/css 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://loged.webcindario.com/l-o-g/session/assets/css/login.css
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 1663f95ea0126d1a415ee9ca499b8a137e542346004234a0c3df869b4b9b1a13

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:28 GMT
content-encoding: gzip
last-modified: Sun, 26 Apr 2020 03:57:56 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: W/"5ea506c4-3e3c"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
loged.webcindario.com/l-o-g/session/assets/js/ 85 KB
30 KB 2035ms
2035ms Script
application/javascript 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://loged.webcindario.com/l-o-g/session/assets/js/jquery.min.js
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:28 GMT
content-encoding: gzip
last-modified: Tue, 29 Aug 2017 03:03:08 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: W/"59a4d96c-15285"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 / Show response
hosting.miarroba.info/ 1 KB
1 KB 227ms
179ms Script
application/javascript 2606:4700:20::681a:cc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=ec0941941e52cb0336478c5c03f9a358f5146b88&h=2047178&t=1609201646&k=9fe58c7771858c089cd7de887037d92c
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbaf805f62216f58f90fadac586ffbbc9acc9c2ce2cd261e4b65b1cf054e0fd3

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cf-request-id: 074d7d934100002c3685a5e000000001
pragma: no-cache
last-modified: Tue, 29 Dec 2020 00:27:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FWThjZCWrNEX4NjUJkhRVto7p%2FEUI2qPZWDfxiCAfK4FtzJKoVBjZyM86YXt4uaxby3O4TzX%2BLVPK7RNw1%2F%2BHOa3AQcHReFmhkrPHtaJUDaY4gJiNz50HjWhLkR8DijSWyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=iso-8859-1
cache-control: no-cache
cf-ray: 608f65320cb32c36-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 403 choice.js
quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/loged.webcindario.com/ 0
0 135ms
120ms Script
text/html 2600:9000:214f:8600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/loged.webcindario.com/choice.js
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Dec 2020 00:15:02 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Thu, 21 May 2020 21:03:42 GMT
server: AmazonS3
age: 1075
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/html
cache-control: public, max-age=7200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: -wjvfESa2Yp7Y_O3Bj71JNSRux-hNNU_AxA006yjjTZt3oLDY17yqg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
41 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

620c53ec2b581b075b9003f2ec873fd8148dd5abbadd6b1fcefd0f83ef234c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41425
x-xss-protection: 0
last-modified: Tue, 29 Dec 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Dec 2020 00:27:28 GMT

GET
H2 200 /
beltornado2020.blogspot.com/ 0
0 205ms
173ms Image
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beltornado2020.blogspot.com/
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/assets/css/login.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 big.svg
loged.webcindario.com/l-o-g/session/assets/img/ 5 KB
5 KB 40ms
40ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loged.webcindario.com/l-o-g/session/assets/img/big.svg
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/assets/css/login.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/assets/css/login.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:28 GMT
last-modified: Sat, 21 Mar 2020 04:27:14 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5e7597a2-1351"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4945

GET
H/1.1 200 ads Show response
des.smartclip.net/ 0
0 115ms
38ms Script
application/xml 54.194.51.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://des.smartclip.net/ads?type=dyn&plc=75133&elementId=ec0941941e52cb0336478c5c03f9a358f5146b88&sz=400x320&rnd=20081598
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.51.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-51-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true

GET
H2 200 lz_loader.js Show response
img.sunmediaads.com/ads/ 112 KB
32 KB 1907ms
1681ms Script
text/javascript 89.255.248.54
LEASEWEBCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.255.248.54 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software: leasewebcdn/5.4.2 /
Resource Hash: 7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:29 GMT
content-encoding: gzip
cdn-cache-hit: 0
last-modified: Sun, 05 Apr 2020 16:15:53 GMT
server: leasewebcdn/5.4.2
etag: W/"1261860600"
content-type: text/javascript
cdn-cache: MISS
cache-control: max-age=0
cdn-node: AMS1-SO01004
expires: Tue, 29 Dec 2020 00:27:29 GMT

POST
H2 200 607f6b0b381bbc1f64fa027d62891072_cookie.php
hosting.miarroba.info/ Frame 4452 0
0 62ms
62ms Document
text/html 2606:4700:20::681a:cc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: POST
:authority: hosting.miarroba.info
:scheme: https
:path: /607f6b0b381bbc1f64fa027d62891072_cookie.php
content-length: 162
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://loged.webcindario.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://loged.webcindario.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php

Response headers

date: Tue, 29 Dec 2020 00:27:28 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: __cfduid=d1bcbf35177b63287c4d0c4adfb59bea41609201648; expires=Thu, 28-Jan-21 00:27:28 GMT; path=/; domain=.miarroba.info; HttpOnly; SameSite=Lax __weslvu=1609201646; expires=Tue, 29-Dec-2020 01:27:26 GMT; Max-Age=3598; path=/; domain=hosting.miarroba.info
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 074d7d9b6900002c3685abd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Oxjj9MU%2BZA8Fd1zVHaggiwVHmbu9Gy%2Ff8iWZ8jB7aOByqYYS6DHoTkaNXZa6u9j3Ty98Ta9x1rCOHOkVSDkg%2FURvrqgtUOgmom3YWfGQS1955btea8be2P2vTDR2UKHMeYQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 608f653f0b9e2c36-FRA
content-encoding: br

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2214
date: Mon, 28 Dec 2020 23:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 29 Dec 2020 01:50:34 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 22ms
6ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:28 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 05 Jan 2021 00:27:28 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
72 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1241949530&t=pageview&_s=1&dl=https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php&ul=en-us&de=UTF-8&dt=Log%20in%20to%20your%20PayPaI%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABCAAAAC~&jid=1637259389&gjid=1648337555&cid=2109774187.1609201649&tid=UA-597118-7&_gid=451316701.1609201649&_r=1&gtm=2wgbu0T2VG59&z=1275106993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1241949530&t=pageview&_s=1&dl=https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php&ul=en-us&de=UTF-8&dt=Log%20in%20to%20your%20PayPaI%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABCAAAAC~&jid=1057725885&gjid=892730251&cid=2109774187.1609201649&tid=UA-597118-1&_gid=451316701.1609201649&_r=1&gtm=2wgbu0T2VG59&z=452267720

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-d5x2uDVHd7ALE.js Show response
rules.quantcount.com/ 3 B
357 B 30ms
7ms Script
application/x-javascript 2600:9000:206f:3000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:35:54 GMT
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:57:48 GMT
server: AmazonS3
age: 60695
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: _HCB1GbxiFhf8C26kq4h0Dd2LudjXY1_m8RtisbSrYKsX64DUUyO5w==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-597118-7&cid=2109774187.1609201649&jid=1637259389&gjid=1648337555&_gid=451316701.1609201649&_u=YEBAAAAACAAAAC~&z=775155035

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 29 Dec 2020 00:27:28 GMT
content-type: text/plain
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 37ms
15ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-597118-1&cid=2109774187.1609201649&jid=1057725885&gjid=892730251&_gid=451316701.1609201649&_u=YEDAAAABCAAAAC~&z=109701913

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 29 Dec 2020 00:27:28 GMT
content-type: text/plain
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 37ms
17ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-7&cid=2109774187.1609201649&jid=1637259389&_u=YEBAAAAACAAAAC~&z=1334434054

Requested by

Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 36ms
16ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-7&cid=2109774187.1609201649&jid=1637259389&_u=YEBAAAAACAAAAC~&z=1334434054

Requested by

Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 36ms
17ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-1&cid=2109774187.1609201649&jid=1057725885&_u=YEDAAAABCAAAAC~&z=827574277

Requested by

Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
17ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-1&cid=2109774187.1609201649&jid=1057725885&_u=YEDAAAABCAAAAC~&z=827574277

Requested by

Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK zone.php Show response
play.sunmediaads.com/red/ 516 B
879 B 144ms
47ms Script
text/html 212.92.55.6
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=7363980740.10230860796671415
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.92.55.6 , Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS: unamed.nexica.net
Software: Apache /
Resource Hash: 43b9d30c68e6583a9fd1779713362522eb175ccb318e252387f3e955156acee6

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 00:27:30 GMT
Server: Apache
Connection: close
Content-Length: 516
Content-Type: text/html; charset=UTF-8

GET
H2 200 8c4105a4-90ec-434c-bf14-82b194e3019f.js Show response
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/ 181 KB
51 KB 123ms
34ms Script
application/javascript 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: 688d136306f3b37ca1bb0fff96c65d0e6fb1f23ed44c1873d5afe8b7dbbcad28

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:30 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 14:17:10 GMT
server: nginx
age: 21307
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 51809
accept-ranges: bytes
x-device: desktop

GET
H2 200 / Show response
servingcdn.net/ 28 KB
9 KB 362ms
123ms Script
application/javascript 3.138.133.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.138.133.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-138-133-95.us-east-2.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 0227eb7ce7a5a5e0878a63d59b5ce9509112274ddedfdc711caa17dd132ee2e3

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:30 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: Express
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: -1

GET
H2 200 geocity.php Show response
services.sunmedia.tv/geotarget/ 474 B
722 B 95ms
31ms XHR
application/json 51.89.64.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/geocity.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.64.207 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3168032.ip-51-89-64.eu
Software: nginx /
Resource Hash: c6629ee6b002a823a733380b3f811e5d4b1f69877f9b9f91510a5b65b1b9555a

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:30 GMT
tp-cache: HIT
server: nginx
age: 1550
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://loged.webcindario.com
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 474

GET
H2 200 inhome-1-0.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
3 KB 96ms
32ms XHR
application/json 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/inhome-1-0.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:30 GMT
tp-cache: HIT
last-modified: Tue, 01 Dec 2020 14:41:43 GMT
server: nginx
age: 21321
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 2788
accept-ranges: bytes
x-device: mobile

GET
H2 200 outstream.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
3 KB 98ms
34ms XHR
application/json 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: 1b7b30e5d39ee70ff4346e1a6866466a63ac691d2d47233c35b0a739666f2920

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:30 GMT
tp-cache: HIT
last-modified: Fri, 16 Oct 2020 16:17:06 GMT
server: nginx
age: 21322
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 2845
accept-ranges: bytes
x-device: mobile

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 33ms
33ms Script
application/javascript 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?ref=https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:30 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 21322
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: mobile
accept-ranges: bytes
content-length: 1634

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 27ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 246599
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 5117
cf-request-id: 074d7da50b0000d6d96b9c6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3di0IkpSb2sdg9NEHgba15IjzdiIorlbMriRzT%2BzLEE4hmgluRpiWrI1X5gRoy1rEgrwR9sQGRpaLG%2BlMjW2Xt%2FHXQstFqivVLedZalfYLKS3tbF6PaHJB3G%2BZ4KH5DVEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 608f654e7b02d6d9-FRA
expires: Sun, 19 Dec 2021 00:27:30 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 14 KB
4 KB 98ms
67ms Script
application/javascript 2a02:26f0:10::5c7a:d4e0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5719
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::5c7a:d4e0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3724
expires: Tue, 29 Dec 2020 00:27:32 GMT

GET
H2 200 prebid.3-25.js Show response
projectagora.net/libs/prebidv3/ 269 KB
78 KB 37ms
21ms Script
application/javascript 2606:4700:3035::6812:3c5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3c5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33f8c271b704a3a06db5ef14daa0a3b18e35643df7678ca1128e7500dc5728f

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1107
x-amz-request-id: 1C0BB82659703273
x-amz-id-2: f2ohlazMYHd1sO748UOacqmBaHlgPkG4cgIu0XKpMiotASccY297XIlnZM9UtYJG9z3h8FdmAV8=
last-modified: Wed, 14 Oct 2020 14:40:15 GMT
server: cloudflare
etag: W/"0926c1cca7636a4e7a577e89f647addf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ip1ozJk8mL4XP85XwUX32OeRaMeQG98xGSQnqCutSZpgyws7BQiqVMuQtfz%2Bm2uLyOIQ7cRAbler4XHdSQe%2BjdMEgx08CJFRiUIFzDoCs38ZEd6w%2B%2FRn0ibR1p4n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 074d7da97d00004a8c2e88f000000001
cf-ray: 608f655599154a8c-FRA

GET
H2 200 / Show response
ads.projectagoraservices.com/ 22 KB
6 KB 67ms
67ms Script
application/javascript 2a02:26f0:10::5c7a:d4e0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5734
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::5c7a:d4e0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 6280
expires: Tue, 29 Dec 2020 00:27:32 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 22 KB
6 KB 7ms
7ms Script
application/javascript 2a02:26f0:10::5c7a:d4e0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5734
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::5c7a:d4e0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 6280
expires: Tue, 29 Dec 2020 00:27:32 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 22 KB
6 KB 7ms
7ms Script
application/javascript 2a02:26f0:10::5c7a:d4e0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5734
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::5c7a:d4e0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 6280
expires: Tue, 29 Dec 2020 00:27:32 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 14 KB
4 KB 7ms
7ms Script
application/javascript 2a02:26f0:10::5c7a:d4e0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5719
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::5c7a:d4e0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3724
expires: Tue, 29 Dec 2020 00:27:32 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 14 KB
4 KB 7ms
7ms Script
application/javascript 2a02:26f0:10::5c7a:d4e0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=5719
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::5c7a:d4e0 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 3724
expires: Tue, 29 Dec 2020 00:27:32 GMT

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 27ms
6ms Script
application/javascript 2600:9000:214f:ae00:15:efbc:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ae00:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 16:10:28 GMT
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 20:22:52 GMT
server: AmazonS3
age: 33388
etag: "f53f55cbab099be3a970b446a66c496a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: SxJ3MXxo86zEYRir_0Eqsrro2Dm2a6hM-KVxzzHUJydlLdaCuUfi5Q==

GET
H/1.1 200
OK / Show response
sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ 3 KB
3 KB 112ms
38ms Script
text/javascript 159.69.72.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.72.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cm022.richaudience.com
Software: nginx/1.14.2 /
Resource Hash: 4e5826ed2781fd7ee7851d820bb728069a43cdb36dfd158ea1ccbf05ff3b8a23

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 00:27:33 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 /
track.sunmedia.tv/ 42 B
277 B 34ms
32ms Image
image/gif 51.89.99.150
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=no-pos&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.99.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3163893.ip-51-89-99.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:33 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 21324
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame 8D94 0
0 153ms
37ms Document
text/html 52.57.98.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=739090663&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.98.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-98-174.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Tue, 29 Dec 2020 00:27:32 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AdHFhPHSmna8TXjTXtwrjE2X1K2h589Yp;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C|0AEAnfTR1J300dQAAAAAAAg1RAQCADVIBAIA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length: 481
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
836 B 96ms
31ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b8b8fb5c1a0b3670ab9cb8b766f8b0ce282a29e58ce86f3518202a0fcde35955

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid: 14a92178-f2d9-4316-ae7f-5d7897de6180
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://loged.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 152ms
76ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://loged.webcindario.com
date: Tue, 29 Dec 2020 00:27:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
329 B 170ms
54ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:39 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
452 B 173ms
81ms XHR
application/json 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MyZ0cmFuc2FjdGlvbklkPWMzNGJkZDEyLWZkMmYtNDYyYy1iYjQ3LTYwYTJmN2JjMDU2Yw%3D%3D&pt=gross&stid=b217b436-554c-4a72-a1c3-fe5c9306acfb&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
355 B 87ms
35ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=c34bdd12-fd2f-462c-bb47-60a2f7bc056c&nocache=1609201660150&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x600&divIds=17556238_indice-h.webcindario.com_ros_300x600&auid=541069149
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: 55a045cf03d6a4bb83f0434f14cc9c07fa67e87a4573df5538048e567c153280

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://loged.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
717 B 92ms
32ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid: 1c8cc149-b44f-4ef1-a941-5ae22309b7a4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://loged.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
452 B 173ms
89ms XHR
application/json 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MSZ0cmFuc2FjdGlvbklkPWFlZmEyZTNlLWFhNGUtNGI0Yy1hODdhLWE2ZDY1NGU2ZGY3MQ%3D%3D&pt=gross&stid=dd1c1f90-fe31-4168-b176-f8f465172516&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 158ms
93ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://loged.webcindario.com
date: Tue, 29 Dec 2020 00:27:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
354 B 78ms
35ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=aefa2e3e-aa4e-4b4c-a87a-a6d654e6df71&nocache=1609201660158&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x250&divIds=17556235_indice-h.webcindario.com_ros_300x250&auid=541069148
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: 546be5174f4dccbab60a3cbeadcba6ceef55c4445893ab274e7f3a343cf3e4ad

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://loged.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 141ms
85ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://loged.webcindario.com
date: Tue, 29 Dec 2020 00:27:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
716 B 94ms
33ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid: c1ebde0c-3ec9-4a9c-91f0-57c39aa303b0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://loged.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
354 B 73ms
40ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=05f71cf5-66c6-4aaf-ae94-8587615a30b2&nocache=1609201660169&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x250&divIds=17556235_indice-h.webcindario.com_ros_300x250&auid=541069148
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: 43054834700582cdaf5b0cb5ba278e95556359145dc5b23335923fd2091c1a59

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://loged.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
452 B 163ms
90ms XHR
application/json 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MSZ0cmFuc2FjdGlvbklkPTA1ZjcxY2Y1LTY2YzYtNGFhZi1hZTk0LTg1ODc2MTVhMzBiMg%3D%3D&pt=gross&stid=5b74a624-9892-4717-a681-407b3a684cad&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
453 B 144ms
80ms XHR
application/json 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MSZ0cmFuc2FjdGlvbklkPTEyZDA5NzNhLWM2MzMtNDIxOC05MDU2LTE4OTMzZDBkMDM1Mw%3D%3D&pt=gross&stid=86e58a59-5571-4b38-b3a9-f31ce12a9471&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
563 B 58ms
34ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=12d0973a-c633-4218-9056-18933d0d0353&nocache=1609201660178&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x250&divIds=17556235_indice-h.webcindario.com_ros_300x250&auid=541069148
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: 1c2cf1caab896b6c9d71ff2c6ee2890657eb68e28aa543614f8061d372dc62bf

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://loged.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
716 B 96ms
35ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.47:80
AN-X-Request-Uuid: 165f4ca7-1c12-4bf0-8a3f-a4e502ac691f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://loged.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 136ms
92ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://loged.webcindario.com
date: Tue, 29 Dec 2020 00:27:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
329 B 54ms
54ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:39 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
354 B 36ms
36ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=3e1729f7-1de1-4e95-9406-a0c959662332&nocache=1609201660324&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x600&divIds=17556238_indice-h.webcindario.com_ros_300x600&auid=541069149
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: 9e7837057243329a65ff8fff16bd7bb6b4039f6b8eab231ff881ecae492be699

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://loged.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 88ms
88ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://loged.webcindario.com
date: Tue, 29 Dec 2020 00:27:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
452 B 87ms
87ms XHR
application/json 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MyZ0cmFuc2FjdGlvbklkPTNlMTcyOWY3LTFkZTEtNGU5NS05NDA2LWEwYzk1OTY2MjMzMg%3D%3D&pt=gross&stid=6abb8146-8fc4-4ea5-8385-29496783d620&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
838 B 32ms
32ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0fe73c341759373b2b982a749b31305b5f9102faa1c12f33b7854877a9bdd54e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: ed433de8-709f-4e49-a4bb-a11431fe92fc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://loged.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/ Frame 1008 69 KB
19 KB 96ms
32ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef913f1b1f2132ba1e2ec53822307ae9fec4f6689efed38796061f49dc4ba8e8

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: R2ey6uncAt.VOugqnzs5DxmYMgUU3fRa
content-encoding: gzip
etag: "0dcf00dd2ff80a4aa244a99ef68a9bf1"
age: 156
x-cache: HIT
content-length: 19197
x-amz-id-2: O6zpkNDTj1kvAbvDXdVn4Y1wmVKDedL+cT/G1nprx4XpRgmImtBc83sWzPil7KlfFYjvdnyvn84=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 14:17:30 GMT
server: AmazonS3
x-timer: S1609201660.413088,VS0,VE1
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 5D4DA3147050347E
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 31
x-cache-hits: 3

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 163ms
37ms Image
text/plain 34.255.253.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNmFiYjgxNDYtOGZjNC00ZWE1LTgzODUtMjk0OTY3ODNkNjIwIiwiaG9zdG5hbWUiOiJsb2dlZC53ZWJjaW5kYXJpby5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=6abb8146-8fc4-4ea5-8385-29496783d620&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.253.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-253-25.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 29 Dec 2020 00:27:40 GMT
Server: nginx

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
452 B 86ms
85ms XHR
application/json 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgyMTc3MyZ0cmFuc2FjdGlvbklkPTE1MzgxZmMxLThjN2UtNDc1Yi1hMTBlLWExMzgzYTI4ZDE3Mg%3D%3D&pt=gross&stid=5d4d5138-851b-4595-860e-dbe428d2420e&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
329 B 127ms
82ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:39 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 77ms
77ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://loged.webcindario.com
date: Tue, 29 Dec 2020 00:27:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
836 B 34ms
34ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a2ec414ec986d034d9632209d15a3b588e225eb043c1ce65de25549d1e44be5a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.78:80
AN-X-Request-Uuid: d871c26b-e758-4130-b80e-cae366740a25
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://loged.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
354 B 33ms
33ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=15381fc1-8c7e-475b-a10e-a1383a28d172&nocache=1609201660334&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x600&divIds=17556238_indice-h.webcindario.com_ros_300x600&auid=541069149
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.199.0 /
Resource Hash: fcafffae44a7f4f64ef6dbd87f7498083117fa2c7a6c66e17ae6cc61c78eebb2

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://loged.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/ Frame 9559 69 KB
19 KB 119ms
63ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 365365fe04f0a45a2ace05b4e47705eb0a9cdbc9a91310673efa51a0e2771e63

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: xAlg24rFhrrYs1x96nwS0QXfwG9g0Im2
content-encoding: gzip
etag: "36d4a1ea38aed7fd672ba7cf7384b2ac"
age: 156
x-cache: HIT
content-length: 19195
x-amz-id-2: uNc/Gy5DOFF2L8CdxDyCf/IwiNOfFZh5HRR4XyU8POfgPVaIS+2/gtx/7SnNZLTnFfmwT0uNeBc=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 14:09:12 GMT
server: AmazonS3
x-timer: S1609201660.413223,VS0,VE1
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: E3593A9E107C48F8
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 31
x-cache-hits: 1

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 161ms
39ms Image
text/plain 34.255.253.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNWQ0ZDUxMzgtODUxYi00NTk1LTg2MGUtZGJlNDI4ZDI0MjBlIiwiaG9zdG5hbWUiOiJsb2dlZC53ZWJjaW5kYXJpby5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBREZPUk0ifSx7ImJpZGRlciI6IkFERk9STSJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJPUEVOWCJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=5d4d5138-851b-4595-860e-dbe428d2420e&part=0&on=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.253.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-253-25.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 29 Dec 2020 00:27:40 GMT
Server: nginx

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/ Frame 1981 69 KB
19 KB 115ms
62ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef913f1b1f2132ba1e2ec53822307ae9fec4f6689efed38796061f49dc4ba8e8

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: R2ey6uncAt.VOugqnzs5DxmYMgUU3fRa
content-encoding: gzip
etag: "0dcf00dd2ff80a4aa244a99ef68a9bf1"
age: 156
x-cache: HIT
content-length: 19197
x-amz-id-2: O6zpkNDTj1kvAbvDXdVn4Y1wmVKDedL+cT/G1nprx4XpRgmImtBc83sWzPil7KlfFYjvdnyvn84=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 14:17:30 GMT
server: AmazonS3
x-timer: S1609201660.413212,VS0,VE1
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 5D4DA3147050347E
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 31
x-cache-hits: 3

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/ Frame 264A 69 KB
19 KB 80ms
31ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef913f1b1f2132ba1e2ec53822307ae9fec4f6689efed38796061f49dc4ba8e8

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: R2ey6uncAt.VOugqnzs5DxmYMgUU3fRa
content-encoding: gzip
etag: "0dcf00dd2ff80a4aa244a99ef68a9bf1"
age: 156
x-cache: HIT
content-length: 19197
x-amz-id-2: O6zpkNDTj1kvAbvDXdVn4Y1wmVKDedL+cT/G1nprx4XpRgmImtBc83sWzPil7KlfFYjvdnyvn84=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 14:17:30 GMT
server: AmazonS3
x-timer: S1609201660.413156,VS0,VE1
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 5D4DA3147050347E
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 31
x-cache-hits: 3

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/ Frame 70AC 69 KB
19 KB 57ms
57ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 365365fe04f0a45a2ace05b4e47705eb0a9cdbc9a91310673efa51a0e2771e63

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: xAlg24rFhrrYs1x96nwS0QXfwG9g0Im2
content-encoding: gzip
etag: "36d4a1ea38aed7fd672ba7cf7384b2ac"
age: 156
x-cache: HIT
content-length: 19195
x-amz-id-2: uNc/Gy5DOFF2L8CdxDyCf/IwiNOfFZh5HRR4XyU8POfgPVaIS+2/gtx/7SnNZLTnFfmwT0uNeBc=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 14:09:12 GMT
server: AmazonS3
x-timer: S1609201660.436116,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: E3593A9E107C48F8
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 31
x-cache-hits: 3

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 1008 450 KB
104 KB 31ms
31ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 19938
x-cache: HIT
content-length: 105936
x-amz-id-2: rMiI1BouiHXKKlcvy2eOJ7KGPW3LEtIuS7FbHJJIz/7lEXzww8tDjzdZFnf4zD0Wi90Oe4sq3wg=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1609201660.470526,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6B44BA8A6761BDC8
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 56
x-cache-hits: 81809

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 264A 450 KB
104 KB 42ms
42ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 19938
x-cache: HIT
content-length: 105936
x-amz-id-2: rMiI1BouiHXKKlcvy2eOJ7KGPW3LEtIuS7FbHJJIz/7lEXzww8tDjzdZFnf4zD0Wi90Oe4sq3wg=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1609201660.478830,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6B44BA8A6761BDC8
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 56
x-cache-hits: 81810

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/ Frame 4205 69 KB
19 KB 53ms
53ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 365365fe04f0a45a2ace05b4e47705eb0a9cdbc9a91310673efa51a0e2771e63

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: xAlg24rFhrrYs1x96nwS0QXfwG9g0Im2
content-encoding: gzip
etag: "36d4a1ea38aed7fd672ba7cf7384b2ac"
age: 156
x-cache: HIT
content-length: 19195
x-amz-id-2: uNc/Gy5DOFF2L8CdxDyCf/IwiNOfFZh5HRR4XyU8POfgPVaIS+2/gtx/7SnNZLTnFfmwT0uNeBc=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 14:09:12 GMT
server: AmazonS3
x-timer: S1609201660.482033,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: E3593A9E107C48F8
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 31
x-cache-hits: 5

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 9559 450 KB
104 KB 47ms
46ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 19938
x-cache: HIT
content-length: 105936
x-amz-id-2: rMiI1BouiHXKKlcvy2eOJ7KGPW3LEtIuS7FbHJJIz/7lEXzww8tDjzdZFnf4zD0Wi90Oe4sq3wg=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1609201660.490704,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6B44BA8A6761BDC8
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 56
x-cache-hits: 81811

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 1981 450 KB
104 KB 47ms
47ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 19938
x-cache: HIT
content-length: 105936
x-amz-id-2: rMiI1BouiHXKKlcvy2eOJ7KGPW3LEtIuS7FbHJJIz/7lEXzww8tDjzdZFnf4zD0Wi90Oe4sq3wg=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1609201660.497576,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6B44BA8A6761BDC8
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 56
x-cache-hits: 81812

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 70AC 450 KB
104 KB 49ms
49ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 19938
x-cache: HIT
content-length: 105936
x-amz-id-2: rMiI1BouiHXKKlcvy2eOJ7KGPW3LEtIuS7FbHJJIz/7lEXzww8tDjzdZFnf4zD0Wi90Oe4sq3wg=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1609201661.502619,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6B44BA8A6761BDC8
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 56
x-cache-hits: 81813

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/ Frame 1008 5 KB
3 KB 95ms
94ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/json?tim=01%3A27%3A40.556&lti=deflated&data=%7B%22id%22%3A273%2C%22ii%22%3A%22%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608819447932%2C%22vi%22%3A1609201660553%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556235%22%2C%22orig_uip%22%3A%2217556235%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%2C17556235%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55a269603905b85df7f8e47f5b6db23c9fe400e7385ee25f669e2f9584f56e02

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 63
date: Tue, 29 Dec 2020 00:27:40 GMT
content-encoding: gzip
server: nginx
x-timer: S1609201661.578534,VS0,VE63
x-served-by: cache-hhn11553-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 impl.20201224-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 4205 450 KB
104 KB 32ms
31ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hCkLwRFR93lYF4VjaYxdmzUTRmbkDmyt
content-encoding: br
etag: "6109e71ba150e60f9c4e0886722c4e04"
age: 19938
x-cache: HIT
content-length: 105936
x-amz-id-2: rMiI1BouiHXKKlcvy2eOJ7KGPW3LEtIuS7FbHJJIz/7lEXzww8tDjzdZFnf4zD0Wi90Oe4sq3wg=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:53:17 GMT
server: AmazonS3-br
x-timer: S1609201661.586742,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6B44BA8A6761BDC8
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 56
x-cache-hits: 81814

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/ Frame 264A 5 KB
3 KB 94ms
94ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/json?tim=01%3A27%3A40.586&lti=deflated&data=%7B%22id%22%3A32%2C%22ii%22%3A%22%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608819447932%2C%22vi%22%3A1609201660553%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556235%22%2C%22orig_uip%22%3A%2217556235%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%2C17556235%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c7af3f6112d7a1ee75e2cff841531f52843b0d3a8d99cda08840d15aab0fe3d

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 63
date: Tue, 29 Dec 2020 00:27:40 GMT
content-encoding: gzip
server: nginx
x-timer: S1609201661.606559,VS0,VE63
x-served-by: cache-hhn11553-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/ Frame 1981 5 KB
3 KB 90ms
89ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/trc/3/json?tim=01%3A27%3A40.604&lti=deflated&data=%7B%22id%22%3A978%2C%22ii%22%3A%22%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608819447932%2C%22vi%22%3A1609201660553%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556235%22%2C%22orig_uip%22%3A%2217556235%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%2C17556235%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: edf1fdb7ef88e8040b5755bc421e23bc4e98e21b905e1dd0cd277b81e2759a57

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 59
date: Tue, 29 Dec 2020 00:27:40 GMT
content-encoding: gzip
server: nginx
x-timer: S1609201661.624882,VS0,VE59
x-served-by: cache-hhn11553-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 1008 9 KB
3 KB 39ms
38ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 19672
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: 81CWR76uLRJj3V83hqVkCloO8qA6g7iFljNc6VJPUudh7T+qxabRVOhu0qvscX5c724UvElJ+RU=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1609201661.685758,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: C9D331329E4BA734
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 234932

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 1008 3 KB
1 KB 31ms
31ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 25590
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: F511ZOU+f6Q+sqbWMumRisyTrwRpkm3FWMsmLIsnKa/IwVxkrGRtPSPQIlc/TyTY8rykuA1eNio=
x-served-by: cache-hhn11553-HHN
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1609201661.685669,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6H4P7X5VCY1X4JBG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 18
x-cache-hits: 404985

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 1008 23 KB
8 KB 41ms
40ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 17
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: wCifvYonxrpI3KvtKV4gZO048bij0qVhhfXS47MDu3ULJ5iZ66zzstGlfT+xRVcsiaiR8QLyZ5A=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1609201661.694841,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 90B5B0AA16920474
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 5

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 6C2F
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-...

0
52 B

40ms
39ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.896865,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11553-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0
tbl-x-upstream: 10.41.22.84:10213
date: Tue, 29 Dec 2020 00:27:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 16182

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 6C2F 0
239 B 34ms
31ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 6C2F
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Unm6eA9qrpYH&ev=1&orig=trc&pid=562107

0
218 B

38ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Unm6eA9qrpYH&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.175:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 19754

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Unm6eA9qrpYH&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-659d447f4f-9xn8h
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 6C2F 43 B
689 B 37ms
34ms Image
image/gif 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.8:80
AN-X-Request-Uuid: d4189b99-2ea2-4c58-8a6e-d7cf76bb6dfc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 6C2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1

0
204 B

47ms
47ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 29 Dec 2020 00:27:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.742222,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11553-HHN

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 6C2F 42 B
885 B 158ms
38ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
X-lat: Pug22065:0:388
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6C2F
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&google_tc=

170 B
190 B

16ms
15ms

Image
image/png

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&google_tc=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 6C2F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a

0
58 B

42ms
42ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Tue, 29 Dec 2020 00:27:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.747807,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11553-HHN

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 6C2F
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

44ms
43ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 6C2F 49 B
406 B 318ms
102ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-556cv
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame 6C2F
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
227 B

38ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.175:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 26317

Redirect headers

Location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 6C2F 43 B
697 B 170ms
55ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 6C2F 42 B
233 B 283ms
94ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:40 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 200 put
e1.emxdgt.com/ Frame 6C2F 43 B
124 B 172ms
37ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:40 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 6C2F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06

0
227 B

39ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.64:10213
date: Tue, 29 Dec 2020 00:27:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 16174

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06
cache-control: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server-processing-duration-in-ticks: 1969
content-type: text/html; charset=utf-8
content-length: 222
expires: Tue, 29 Dec 2020 00:00:00 GMT

GET

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/ Frame 6C2F
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=1&gdpr_consent=
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D&bounce=1&random=914925377
https://id5-sync.com/cq/464/100/6/2.gif?puid=hVgPz0Q2dF0.SxFu/zfea.&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/5/3.gif?puid=a9647203-496c-11eb-8a69-4add20e737cf&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOjGx4OIQ8i2Zhw6746oDhai58DDsnPj7hoL8nQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F4%2F4.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOjGx4OIQ8i2Zhw6746oDhai58DDsnPj7hoL8nQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F4%2F4.gif%3Fp...
https://id5-sync.com/cq/464/124/4/4.gif?puid=a800399b-2fc2-4716-b228-dca238b38801&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/3/5.gif?puid=e_609b1107-712b-4b8b-96ed-df0cf04a9005&gdpr=1&gdpr_consent=
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F2%2F6.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F2%2F6.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1
https://id5-sync.com/c/464/9/2/6.gif?puid=io2w7h2oQQMmSVXcaIJ_gOVJcLanbeDUi0iq0A5cfFk&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 6C2F
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xEo8EU5oBsejLr3x_XfqXw

0
218 B

38ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xEo8EU5oBsejLr3x_XfqXw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 22248

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xEo8EU5oBsejLr3x_XfqXw
date: Tue, 29 Dec 2020 00:27:41 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 6C2F 35 B
380 B 423ms
103ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:02 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 6C2F 0
155 B 306ms
100ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&_r=5841244
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 29 Dec 2020 00:27:41 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 6C2F
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtaboola%26bsw_param%...
https://x.bidswitch.net/sync?dsp_id=354&user_id=4031e4830c4745d9b6e6e632012d0f78&ssp=taboola&bsw_param=a810fd3f-3ce2-413d-a368-c7241c555583&gdpr=0&consent=&gdpr_pd=
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a810fd3f-3ce2-413d-a368-c7241c555583

0
227 B

38ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a810fd3f-3ce2-413d-a368-c7241c555583
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 24291

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a810fd3f-3ce2-413d-a368-c7241c555583
date: Tue, 29 Dec 2020 00:27:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame B016
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-...

0
76 B

40ms
39ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.080948,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11553-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0
tbl-x-upstream: 10.41.14.127:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 20222

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame B016 0
239 B 32ms
31ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame B016
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kHiNSGE9f4lv&ev=1&orig=trc&pid=562107

0
219 B

39ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kHiNSGE9f4lv&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 21578

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kHiNSGE9f4lv&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-659d447f4f-b4x6b
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame B016 43 B
690 B 36ms
35ms Image
image/gif 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:41 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: 37ff4b1b-98dc-4172-bec2-2e3a3e31f275
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame B016
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1

0
55 B

43ms
43ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 29 Dec 2020 00:27:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.747677,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11553-HHN

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B016
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

170 B
213 B

17ms
15ms

Image
image/png

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
tbl-x-upstream: 10.41.22.181:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 20222

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame B016
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a

0
80 B

50ms
49ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 29 Dec 2020 00:27:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.760538,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11553-HHN

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame B016 42 B
233 B 98ms
93ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:41 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B016
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06

0
227 B

39ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.175:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 20912

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06
cache-control: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server-processing-duration-in-ticks: 3337
content-type: text/html; charset=utf-8
content-length: 222
expires: Tue, 29 Dec 2020 00:00:00 GMT

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame B016
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=bB6PmaIMB_uYdtle_XfqXw

0
219 B

38ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=bB6PmaIMB_uYdtle_XfqXw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.222:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 22248

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=bB6PmaIMB_uYdtle_XfqXw
date: Tue, 29 Dec 2020 00:27:41 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame B016 35 B
380 B 297ms
104ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:02 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET

/
c1.adform.net/serving/cookie/match/ Frame B016
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola

0
0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 264A 9 KB
3 KB 31ms
30ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 19672
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: 81CWR76uLRJj3V83hqVkCloO8qA6g7iFljNc6VJPUudh7T+qxabRVOhu0qvscX5c724UvElJ+RU=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1609201661.720187,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: C9D331329E4BA734
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 43
x-cache-hits: 234933

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 264A 3 KB
1 KB 38ms
37ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 25590
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: F511ZOU+f6Q+sqbWMumRisyTrwRpkm3FWMsmLIsnKa/IwVxkrGRtPSPQIlc/TyTY8rykuA1eNio=
x-served-by: cache-hhn11553-HHN
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1609201661.720659,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6H4P7X5VCY1X4JBG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 43
x-cache-hits: 404986

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 264A 23 KB
8 KB 36ms
33ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 17
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: wCifvYonxrpI3KvtKV4gZO048bij0qVhhfXS47MDu3ULJ5iZ66zzstGlfT+xRVcsiaiR8QLyZ5A=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1609201661.726926,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 90B5B0AA16920474
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 43
x-cache-hits: 6

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame B016 42 B
885 B 39ms
38ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:41 GMT
X-lat: Pug22047:0:493
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame B016 43 B
687 B 44ms
43ms Image
image/gif 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c&us_privacy=&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:41 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame B016 49 B
333 B 101ms
99ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-b4x6b
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame B016
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
228 B

39ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 22061

Redirect headers

Location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame B016 43 B
438 B 54ms
54ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 put
e1.emxdgt.com/ Frame B016 43 B
98 B 37ms
36ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/ Frame B016
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://id5-sync.com/c/464/108/6/2.gif?puid=a9647203-496c-11eb-8a69-4add20e737cf&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOjGx4OIQ8i2Zhw6746oDhai58DDsnPj7hoL8nQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOjGx4OIQ8i2Zhw6746oDhai58DDsnPj7hoL8nQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fp...
https://id5-sync.com/cq/464/124/5/3.gif?puid=a800399b-2fc2-4716-b228-dca238b38801&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/4/4.gif?puid=e_fc5b37e3-8c17-45cb-825a-441a8fcac875&gdpr=1&gdpr_consent=
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1
https://id5-sync.com/c/464/9/3/5.gif?puid=xdzEsyDZaRmSFvQjckMk8jcxxEzG3nFtk0VzUP9D_nU&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/2/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/2/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

0
0

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame B016 0
155 B 717ms
94ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c&_r=7630313
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 29 Dec 2020 00:27:41 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 204 fix-user-id
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 264A 0
210 B 40ms
39ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/fix-user-id?lti=deflated&ri=39c9e781b558fd637438062fe77c7253&sd=v2_7082718ab4da055de7668a886ac837a7_d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c_1609201660_1609201660_CIi3jgYQsJRMGInlkt_qLiABKAEwSjjE1whA3YsQSOz-1wNQtqEPWABgAGjipqqRsq2X4nA&ui=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c&pi=/l-o-g/session/app/signin.php&wi=-3878373552732216476&pt=text&vi=1609201660553&time=1609201660700&fromUser=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&toUser=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c&fromSD=v2_ad346d43c4507d59b8d8cfe6a2fc962d_eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c_1609201660_1609201660_CNawjgYQsJRMGInlkt_qLiABKAEwSjjE1whA3YsQSOz-1wNQtqEPWABgAGjipqqRsq2X4nA&toSD=v2_7082718ab4da055de7668a886ac837a7_d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c_1609201660_1609201660_CIi3jgYQsJRMGInlkt_qLiABKAEwSjjE1whA3YsQSOz-1wNQtqEPWABgAGjipqqRsq2X4nA&tim=01%3A27%3A40.700&id=4404&llvl=1&cv=20201224-10-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.406299,VS0,VE9
x-served-by: cache-hhn11553-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 1211693250__oHYiBsdz.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 1008 33 KB
34 KB 32ms
31ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1211693250__oHYiBsdz.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9133faf904c35de5f79be8708d16224288dc02f6a8118ae5a4bfc5f25171f1f0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4637037
edge-cache-tag: 618454571916199966676063470136204968540,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 14 Nov 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1211693250__oHYiBsdz.jpg
content-length: 33823
x-served-by: cache-dca17763-DCA, cache-dca17761-DCA, cache-hhn11553-HHN
last-modified: Wed, 14 Oct 2020 10:53:39 GMT
server: cloudinary
x-timer: S1609201661.447496,VS0,VE0
etag: "f3f7992471d55f79cf170b70bbb1cde4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 7021
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-...

0
92 B

39ms
38ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201662.558829,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11553-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&tbid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&query=taboola_hm%3Dd492cbe8-1aeb-4cdc-ae59-9b26ddee9ab5&isDirect=0
tbl-x-upstream: 10.41.14.127:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 25040

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 7021 0
239 B 32ms
31ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 7021
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=DkFEPrXjcVHD&ev=1&orig=trc&pid=562107

0
218 B

38ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=DkFEPrXjcVHD&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 22980

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=DkFEPrXjcVHD&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-659d447f4f-b4x6b
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 7021 43 B
691 B 31ms
31ms Image
image/gif 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:41 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.102:80
AN-X-Request-Uuid: 1187fc52-7c59-4b7b-8de9-8c9330a0a885
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 7021
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1

0
92 B

51ms
51ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 29 Dec 2020 00:27:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.759532,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11553-HHN

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEChkbKLLbO062JrozTLX1aI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 7021
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

170 B
190 B

15ms
15ms

Image
image/png

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
tbl-x-upstream: 10.41.34.64:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 23932

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 7021
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a

0
191 B

81ms
81ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Tue, 29 Dec 2020 00:27:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.781007,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11553-HHN

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e5f40fa0-f0e7-400f-8200-516633f6021a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 7021 42 B
233 B 93ms
93ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:41 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 7021
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06

0
227 B

38ms
37ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.175:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 22248

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7c6d3bee-4725-43ce-b401-71cfd599ff06
cache-control: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
server-processing-duration-in-ticks: 3079
content-type: text/html; charset=utf-8
content-length: 222
expires: Tue, 29 Dec 2020 00:00:00 GMT

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 7021
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=p0iBmgapC3apTeQZ_XfqXw

0
218 B

39ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=p0iBmgapC3apTeQZ_XfqXw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 26782

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=p0iBmgapC3apTeQZ_XfqXw
date: Tue, 29 Dec 2020 00:27:41 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 7021 35 B
380 B 104ms
103ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:03 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET

cm
p.rfihub.com/ Frame 7021
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola

0
0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 1981 9 KB
3 KB 42ms
40ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 19672
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: 81CWR76uLRJj3V83hqVkCloO8qA6g7iFljNc6VJPUudh7T+qxabRVOhu0qvscX5c724UvElJ+RU=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1609201661.737768,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: C9D331329E4BA734
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 43
x-cache-hits: 234934

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 1981 3 KB
802 B 32ms
30ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 25590
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: F511ZOU+f6Q+sqbWMumRisyTrwRpkm3FWMsmLIsnKa/IwVxkrGRtPSPQIlc/TyTY8rykuA1eNio=
x-served-by: cache-hhn11553-HHN
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1609201661.737691,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6H4P7X5VCY1X4JBG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 43
x-cache-hits: 404987

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 1981 23 KB
8 KB 40ms
40ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x250gr-r17556235/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 17
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: wCifvYonxrpI3KvtKV4gZO048bij0qVhhfXS47MDu3ULJ5iZ66zzstGlfT+xRVcsiaiR8QLyZ5A=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1609201661.739824,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
vary: Accept-Encoding
x-amz-request-id: 90B5B0AA16920474
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 43
x-cache-hits: 7

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 7021 42 B
885 B 38ms
38ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:41 GMT
X-lat: Pug22061:0:359
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 7021 43 B
1 KB 44ms
43ms Image
image/gif 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c&us_privacy=&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Dec 2020 00:27:41 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 7021 49 B
333 B 107ms
105ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-b4x6b
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame 7021
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
228 B

38ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 25453

Redirect headers

Location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 7021 43 B
438 B 54ms
53ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 put
e1.emxdgt.com/ Frame 7021 43 B
75 B 37ms
36ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/ Frame 7021
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F6%2F2.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F6%2F2.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1
https://id5-sync.com/c/464/9/6/2.gif?puid=kteCh3ZcQAiu9WRtKV2qHIt9Fdx9vbG_5eOdy-hX89U&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

0
0

GET /
cds.taboola.com/ Frame 7021 0
0

GET
H2 204 fix-user-id
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 1981 0
59 B 85ms
84ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/fix-user-id?lti=deflated&ri=9061540f49ef80a111454885f0eea930&sd=v2_4dc7ab29fbfeeb580dac8ee9f11468d7_085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c_1609201660_1609201660_CIi3jgYQsJRMGInlkt_qLiABKAEwSjjE1whA3YsQSOz-1wNQtqEPWABgAGjipqqRsq2X4nA&ui=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c&pi=/l-o-g/session/app/signin.php&wi=-3878373552732216476&pt=text&vi=1609201660553&time=1609201660716&fromUser=d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c&toUser=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c&fromSD=v2_7082718ab4da055de7668a886ac837a7_d2036312-9c44-4c81-98d8-15ec64adee0f-tuct6e3fd7c_1609201660_1609201660_CIi3jgYQsJRMGInlkt_qLiABKAEwSjjE1whA3YsQSOz-1wNQtqEPWABgAGjipqqRsq2X4nA&toSD=v2_4dc7ab29fbfeeb580dac8ee9f11468d7_085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c_1609201660_1609201660_CIi3jgYQsJRMGInlkt_qLiABKAEwSjjE1whA3YsQSOz-1wNQtqEPWABgAGjipqqRsq2X4nA&tim=01%3A27%3A40.716&id=1159&llvl=1&cv=20201224-10-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201662.781852,VS0,VE9
x-served-by: cache-hhn11553-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 34b849099fc76ddaecc0c73d059cd4d6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 264A 24 KB
25 KB 32ms
32ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34b849099fc76ddaecc0c73d059cd4d6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3159892982f15db626f723789c981fe4ddd4c3084982bbb1d0224c3c32b2fe18

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1642772
edge-cache-tag: 316130714067404621369935880409577073968,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 13 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34b849099fc76ddaecc0c73d059cd4d6.jpg
content-length: 24625
x-served-by: cache-dca17745-DCA, cache-dca17771-DCA, cache-hhn11553-HHN
last-modified: Thu, 12 Nov 2020 08:01:30 GMT
server: cloudinary
x-timer: S1609201662.866346,VS0,VE1
etag: "8e683141dcc398ea6ea551918666f176"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1211693250__oHYiBsdz.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 1981 33 KB
34 KB 31ms
31ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1211693250__oHYiBsdz.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9133faf904c35de5f79be8708d16224288dc02f6a8118ae5a4bfc5f25171f1f0

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4637038
edge-cache-tag: 618454571916199966676063470136204968540,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 14 Nov 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1211693250__oHYiBsdz.jpg
content-length: 33823
x-served-by: cache-dca17763-DCA, cache-dca17761-DCA, cache-hhn11553-HHN
last-modified: Wed, 14 Oct 2020 10:53:39 GMT
server: cloudinary
x-timer: S1609201662.899153,VS0,VE0
etag: "f3f7992471d55f79cf170b70bbb1cde4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 6

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 1008 254 B
656 B 50ms
50ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 3238
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1609201661.759600,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 43
x-cache-hits: 1279

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 264A 254 B
325 B 44ms
44ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 3238
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1609201661.765545,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 43
x-cache-hits: 1280

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 1981 254 B
337 B 76ms
75ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 3238
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1609201661.785876,VS0,VE0
date: Tue, 29 Dec 2020 00:27:40 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 43
x-cache-hits: 1281

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/ Frame 9559 13 KB
5 KB 111ms
110ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/json?tim=01%3A27%3A41.102&lti=deflated&data=%7B%22id%22%3A635%2C%22ii%22%3A%22%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c%22%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608818950143%2C%22vi%22%3A1609201660553%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhCb12AMCwiJARCb12AMCwiRARCb12AMCwggEJvXYAwLCKEBEJvXYAwLCKIBEJvXYAwLCCQQm9dgDAsIJxCb12AMCwirARCb12AMCwitARCb12AMCwgtEJvXYAwLCK4BEJvXYAwLCK8BEJvXYAwLCLABEJvXYAwLCLIBEJvXYAwLCLUBEJvXYAwLCLYBEJvXYAwLCDsQm9dgDAsIPRC8iGAMCwg_EJvXYAwMExQ%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A300%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556238%22%2C%22orig_uip%22%3A%2217556238%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%2C17556238%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fb7102c896cc8fdb2eb83d2ad7e8968e8a22096d0537528cf94aa4b7455b8489

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 79
date: Tue, 29 Dec 2020 00:27:41 GMT
content-encoding: gzip
server: nginx
x-timer: S1609201661.125344,VS0,VE79
x-served-by: cache-hhn11553-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/ Frame 70AC 13 KB
5 KB 113ms
110ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/json?tim=01%3A27%3A41.119&lti=deflated&data=%7B%22id%22%3A57%2C%22ii%22%3A%22%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c%22%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608818950143%2C%22vi%22%3A1609201660553%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhCb12AMCwiJARCb12AMCwiRARCb12AMCwggEJvXYAwLCKEBEJvXYAwLCKIBEJvXYAwLCCQQm9dgDAsIJxCb12AMCwirARCb12AMCwitARCb12AMCwgtEJvXYAwLCK4BEJvXYAwLCK8BEJvXYAwLCLABEJvXYAwLCLIBEJvXYAwLCLUBEJvXYAwLCLYBEJvXYAwLCDsQm9dgDAsIPRC8iGAMCwg_EJvXYAwMExQ%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A300%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556238%22%2C%22orig_uip%22%3A%2217556238%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%2C17556238%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 97bb418350377b8793ce60dae56978ccaa2e0d7bac92ff2aaab481d214e842d8

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 72
date: Tue, 29 Dec 2020 00:27:41 GMT
content-encoding: gzip
server: nginx
x-timer: S1609201661.144026,VS0,VE72
x-served-by: cache-hhn11553-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/ Frame 4205 13 KB
5 KB 113ms
112ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/trc/3/json?tim=01%3A27%3A41.134&lti=deflated&data=%7B%22id%22%3A29%2C%22ii%22%3A%22%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c%22%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608818950143%2C%22vi%22%3A1609201660553%2C%22cv%22%3A%2220201224-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhCb12AMCwiJARCb12AMCwiRARCb12AMCwggEJvXYAwLCKEBEJvXYAwLCKIBEJvXYAwLCCQQm9dgDAsIJxCb12AMCwirARCb12AMCwitARCb12AMCwgtEJvXYAwLCK4BEJvXYAwLCK8BEJvXYAwLCLABEJvXYAwLCLIBEJvXYAwLCLUBEJvXYAwLCLYBEJvXYAwLCDsQm9dgDAsIPRC8iGAMCwg_EJvXYAwMExQ%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Floged.webcindario.com%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A300%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217556238%22%2C%22orig_uip%22%3A%2217556238%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fl-o-g%2Fsession%2Fapp%2Fsignin.php%2C17556238%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78bcf634d3f0963b83ce7c0b8a3718ec4e790bbf04c37f4196ead651a4639d4a

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 81
date: Tue, 29 Dec 2020 00:27:41 GMT
content-encoding: gzip
server: nginx
x-timer: S1609201661.156124,VS0,VE81
x-served-by: cache-hhn11553-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 9559 9 KB
3 KB 31ms
31ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 19674
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: 81CWR76uLRJj3V83hqVkCloO8qA6g7iFljNc6VJPUudh7T+qxabRVOhu0qvscX5c724UvElJ+RU=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1609201662.931124,VS0,VE0
date: Tue, 29 Dec 2020 00:27:41 GMT
vary: Accept-Encoding
x-amz-request-id: C9D331329E4BA734
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 234943

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 9559 3 KB
1 KB 39ms
39ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 25590
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: F511ZOU+f6Q+sqbWMumRisyTrwRpkm3FWMsmLIsnKa/IwVxkrGRtPSPQIlc/TyTY8rykuA1eNio=
x-served-by: cache-hhn11553-HHN
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1609201661.248060,VS0,VE0
date: Tue, 29 Dec 2020 00:27:41 GMT
vary: Accept-Encoding
x-amz-request-id: 6H4P7X5VCY1X4JBG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 18
x-cache-hits: 404989

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 9559 23 KB
8 KB 39ms
39ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 19
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: wCifvYonxrpI3KvtKV4gZO048bij0qVhhfXS47MDu3ULJ5iZ66zzstGlfT+xRVcsiaiR8QLyZ5A=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1609201662.932184,VS0,VE0
date: Tue, 29 Dec 2020 00:27:41 GMT
vary: Accept-Encoding
x-amz-request-id: 90B5B0AA16920474
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 8

GET
H2

200

tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame 9559
Redirect Chain

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

49 B
717 B

50ms
49ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:42 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.18.131
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:42 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
cache-control: no-cache
x-server: 10.45.9.40
content-length: 0
expires: 0

GET
H/1.1 200
OK 35702
tags.bluekai.com/site/ Frame 9559 62 B
329 B 250ms
177ms Image
image/gif 104.111.246.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/35702?id=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.246.202 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-246-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 00:27:41 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 7636
Content-Type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 9559 95 B
599 B 41ms
25ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=$0&gdpr_consent=$
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
cf-ray: 608f658eea462bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 074d7dcd4c00002bd68a172000000001

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 9559 43 B
106 B 37ms
35ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cm
trc.taboola.com/sg/neustar/1/ Frame 9559
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960803650000018722

0
224 B

39ms
38ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960803650000018722
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.306599,VS0,VE8
x-served-by: cache-hhn11553-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960803650000018722
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET 32441
i.liadm.com/s/ Frame 9559 0
0

GET /
pixel.onaudience.com/ Frame 9559 0
0

GET utsync.ashx
ml314.com/ Frame 9559 0
0

GET pixel.gif
sync.1dmp.io/ Frame 9559 0
0

GET
H2

204

/
loadm.exelator.com/load/ Frame 9559
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1

0
751 B

44ms
43ms

Image
text/plain

147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 9559 95 B
259 B 46ms
30ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=7c96012d1a124ca18eab8630d47d6f5626154a68ead2c3cfff3090b00a4120e0&gdpr=$0&gdpr_consent=$
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
cf-ray: 608f658eea4a2bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 074d7dcd4d00002bd6d7839000000001

GET sync
pixel.advertising.com/ups/55973/ Frame 9559 0
0

GET
H2 204 fix-user-id
trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/ Frame 9559 0
370 B 39ms
39ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/indice-hwebcindario300x600gr-r17556238/log/3/fix-user-id?lti=deflated&ri=bf0d9b8059332328ab4b8550c86172bb&sd=v2_f0d58827263368c0f5aa434b6c015a91_eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c_1609201661_1609201661_CIi3jgYQqZlMGInlkt_qLiABKAMwSjjE1whA3YsQSOz-1wNQtqEPWABgAGjipqqRsq2X4nA&ui=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&pi=/l-o-g/session/app/signin.php&wi=-1760427320024629917&pt=text&vi=1609201660553&time=1609201661228&fromUser=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c&toUser=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&toSD=v2_f0d58827263368c0f5aa434b6c015a91_eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c_1609201661_1609201661_CIi3jgYQqZlMGInlkt_qLiABKAMwSjjE1whA3YsQSOz-1wNQtqEPWABgAGjipqqRsq2X4nA&tim=01%3A27%3A41.228&id=6845&llvl=1&cv=20201224-10-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201662.962811,VS0,VE9
x-served-by: cache-hhn11553-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2

200

tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame 70AC
Redirect Chain

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

49 B
717 B

79ms
78ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:42 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.192
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:42 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
cache-control: no-cache
x-server: 10.45.30.181
content-length: 0
expires: 0

GET
H/1.1 200
OK 35702
tags.bluekai.com/site/ Frame 70AC 62 B
329 B 409ms
174ms Image
image/gif 104.111.246.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/35702?id=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.246.202 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-246-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 00:27:41 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: aa6e
Content-Type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 70AC 95 B
259 B 28ms
22ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=$0&gdpr_consent=$
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
cf-ray: 608f658eea582bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 074d7dcd5300002bd6bd808000000001

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 70AC 43 B
106 B 41ms
34ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=0&gdpr_consent=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cm
trc.taboola.com/sg/neustar/1/ Frame 70AC
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960903650000018765

0
57 B

41ms
40ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960903650000018765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.321291,VS0,VE8
x-served-by: cache-hhn11553-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960903650000018765
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET 32441
i.liadm.com/s/ Frame 70AC 0
0

GET /
pixel.onaudience.com/ Frame 70AC 0
0

GET utsync.ashx
ml314.com/ Frame 70AC 0
0

GET pixel.gif
sync.1dmp.io/ Frame 70AC 0
0

GET
H2

204

/
loadm.exelator.com/load/ Frame 70AC
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1

0
751 B

43ms
43ms

Image
text/plain

147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 70AC 95 B
259 B 29ms
22ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=7c96012d1a124ca18eab8630d47d6f5626154a68ead2c3cfff3090b00a4120e0&gdpr=$0&gdpr_consent=$
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
cf-ray: 608f658eea572bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 074d7dcd5300002bd6e0951000000001

GET sync
pixel.advertising.com/ups/55973/ Frame 70AC 0
0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 70AC 9 KB
3 KB 40ms
40ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 19674
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: 81CWR76uLRJj3V83hqVkCloO8qA6g7iFljNc6VJPUudh7T+qxabRVOhu0qvscX5c724UvElJ+RU=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1609201662.972053,VS0,VE0
date: Tue, 29 Dec 2020 00:27:41 GMT
vary: Accept-Encoding
x-amz-request-id: C9D331329E4BA734
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 234944

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 70AC 3 KB
825 B 31ms
30ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 25590
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: F511ZOU+f6Q+sqbWMumRisyTrwRpkm3FWMsmLIsnKa/IwVxkrGRtPSPQIlc/TyTY8rykuA1eNio=
x-served-by: cache-hhn11553-HHN
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1609201661.272590,VS0,VE0
date: Tue, 29 Dec 2020 00:27:41 GMT
vary: Accept-Encoding
x-amz-request-id: 6H4P7X5VCY1X4JBG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 18
x-cache-hits: 404991

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 70AC 23 KB
8 KB 31ms
31ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 19
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: wCifvYonxrpI3KvtKV4gZO048bij0qVhhfXS47MDu3ULJ5iZ66zzstGlfT+xRVcsiaiR8QLyZ5A=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1609201662.002795,VS0,VE0
date: Tue, 29 Dec 2020 00:27:42 GMT
vary: Accept-Encoding
x-amz-request-id: 90B5B0AA16920474
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 9

GET
H2 200 a1a6d014a0fa3c1c6e663e9e6671673d.jpg
images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9559 9 KB
9 KB 32ms
32ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1a6d014a0fa3c1c6e663e9e6671673d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ef0bf09d7c15f19d3ab83b09a1dfe6f6c9b2ded96aa276d37d9d2b448a3e043e

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 548634
edge-cache-tag: 460743299690442972842993906128007101257,540659292739394187659026934592982733625,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1a6d014a0fa3c1c6e663e9e6671673d.jpg
content-length: 8756
x-request-id: 23ac6d5d8de0c22093780feb21341822
x-served-by: cache-dca17743-DCA, cache-dca17775-DCA, cache-hhn11553-HHN
last-modified: Sat, 12 Dec 2020 06:50:36 GMT
server: cloudinary
x-timer: S1609201662.010486,VS0,VE1
etag: "423ac5d871a59fe81e81ff4347bdfa86"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 d4cf2822b65885006d2056293dcbb027.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9559 3 KB
4 KB 39ms
39ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4cf2822b65885006d2056293dcbb027.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8c8b2ce696f1c9a649643185f48cd8b47c1f1c670fc197d45d736f1d6aa3953f

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3453492
edge-cache-tag: 578482212508458959211726236219319056423,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 12 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4cf2822b65885006d2056293dcbb027.jpeg
content-length: 3298
x-served-by: cache-dca17783-DCA, cache-dca17747-DCA, cache-hhn11553-HHN
last-modified: Wed, 11 Nov 2020 19:18:51 GMT
server: cloudinary
x-timer: S1609201662.013117,VS0,VE8
etag: "966eaf07df9b824ca1d8d257e516cb9c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 42

GET
H2 200 6729de944bd44677591efa8a068d78c6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9559 9 KB
10 KB 130ms
130ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6729de944bd44677591efa8a068d78c6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 296e82692e6109500e02fecb740df4cdc146fbc7770520f7a920b0c900893f4f

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 375168
edge-cache-tag: 569185551634416724011534736532593879140,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Fri, 25 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6729de944bd44677591efa8a068d78c6.png
content-length: 9474
x-served-by: cache-dca17732-DCA, cache-dca17748-DCA, cache-hhn11553-HHN
last-modified: Tue, 24 Nov 2020 06:59:34 GMT
server: cloudinary
x-timer: S1609201662.018743,VS0,VE89
etag: "648e9349cf9ca7fa62a14fcd1f41f4f4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 ces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fac.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Ea... Frame 9559 5 KB
6 KB 177ms
176ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fac.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2FFAC.2Fvar.2Ffemmeactuelle.2Fstorage.2Fimages.2Factu.2Fpeople.2Fces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique-19004.2F12753127-1-fre-FR.2Fces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique.2Ejpg/737x415/quality/90/crop-from/center/ces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7c9ed027d443ce51ea593a7feb78fce2153ed461c653b703f1fd92c2753ae483

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 145
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 555326326453231723593319361269393632887,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 03 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fac.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2FFAC.2Fvar.2Ffemmeactuelle.2Fstorage.2Fimages.2Factu.2Fpeople.2Fces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique-19004.2F12753127-1-fre-FR.2Fces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique.2Ejpg/737x415/quality/90/crop-from/center/ces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique.jpeg
content-length: 5462
x-served-by: cache-dca17759-DCA, cache-dca17723-DCA, cache-hhn11553-HHN
last-modified: Thu, 03 Dec 2020 19:51:44 GMT
server: cloudinary
x-timer: S1609201662.034918,VS0,VE145
etag: "9243faa0ee910875d3d08ce8afb30ae1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 e466951ddcd47f0ca4d3030adb03aa8b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9559 4 KB
5 KB 125ms
125ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e466951ddcd47f0ca4d3030adb03aa8b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6f99ffa535ca9eb906328ace3b9fb4ce2957f966c1fc45064b1b77f616e3c140

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 87
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 30562
edge-cache-tag: 622086030894891208560129265744592171769,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Fri, 22 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e466951ddcd47f0ca4d3030adb03aa8b.jpg
content-length: 4261
x-served-by: cache-dca17760-DCA, cache-dca17760-DCA, cache-hhn11553-HHN
last-modified: Tue, 22 Dec 2020 12:04:50 GMT
server: cloudinary
x-timer: S1609201662.043498,VS0,VE87
etag: "2dd9fbb5a1b9b4faffa207947263bc7e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET

tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame 4205
Redirect Chain

https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

0
0

GET
H/1.1 200
OK 35702
tags.bluekai.com/site/ Frame 4205 62 B
328 B 450ms
172ms Image
image/gif 104.111.246.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/35702?id=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.246.202 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-246-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Dec 2020 00:27:41 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: b8b
Content-Type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 4205 95 B
259 B 23ms
20ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=$0&gdpr_consent=$
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
cf-ray: 608f658eea592bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 074d7dcd5300002bd60d01d000000001

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 4205 43 B
106 B 37ms
36ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&gdpr=0&gdpr_consent=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cm
trc.taboola.com/sg/neustar/1/ Frame 4205
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960803650000018722

0
56 B

82ms
81ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960803650000018722
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201661.331858,VS0,VE8
x-served-by: cache-hhn11553-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164960803650000018722
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET 32441
i.liadm.com/s/ Frame 4205 0
0

GET /
pixel.onaudience.com/ Frame 4205 0
0

GET utsync.ashx
ml314.com/ Frame 4205 0
0

GET pixel.gif
sync.1dmp.io/ Frame 4205 0
0

GET
H2

204

/
loadm.exelator.com/load/ Frame 4205
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1

0
751 B

42ms
42ms

Image
text/plain

147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 29 Dec 2020 00:27:41 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 4205 95 B
259 B 31ms
29ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=7c96012d1a124ca18eab8630d47d6f5626154a68ead2c3cfff3090b00a4120e0&gdpr=$0&gdpr_consent=$
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://loged.webcindario.com
access-control-allow-credentials: true
cf-ray: 608f658eea5b2bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 074d7dcd5300002bd6aaa82000000001

GET sync
pixel.advertising.com/ups/55973/ Frame 4205 0
0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 4205 9 KB
3 KB 40ms
40ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jMf5pqf.SadM71FjPvdg8VWrEWjJxNjG
content-encoding: gzip
etag: "b1c2e56f4b8971192b6424f549fefefb"
age: 19674
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: 81CWR76uLRJj3V83hqVkCloO8qA6g7iFljNc6VJPUudh7T+qxabRVOhu0qvscX5c724UvElJ+RU=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 16 Dec 2020 10:52:48 GMT
server: AmazonS3
x-timer: S1609201662.065694,VS0,VE0
date: Tue, 29 Dec 2020 00:27:42 GMT
vary: Accept-Encoding
x-amz-request-id: C9D331329E4BA734
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 234946

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 4205 3 KB
802 B 32ms
31ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 25590
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: F511ZOU+f6Q+sqbWMumRisyTrwRpkm3FWMsmLIsnKa/IwVxkrGRtPSPQIlc/TyTY8rykuA1eNio=
x-served-by: cache-hhn11553-HHN
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1609201661.290214,VS0,VE0
date: Tue, 29 Dec 2020 00:27:41 GMT
vary: Accept-Encoding
x-amz-request-id: 6H4P7X5VCY1X4JBG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 18
x-cache-hits: 404992

GET
H2 200 userx.20201224-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 4205 23 KB
8 KB 31ms
31ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20201224-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/indice-hwebcindario300x600gr-r17556238/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lE4X3tXEs7mDYzVypmZ5EKCgkRDT8kLA
content-encoding: gzip
etag: "e87399d926e40ccd04f692acdef11240"
age: 19
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7880
x-amz-id-2: wCifvYonxrpI3KvtKV4gZO048bij0qVhhfXS47MDu3ULJ5iZ66zzstGlfT+xRVcsiaiR8QLyZ5A=
x-served-by: cache-hhn11553-HHN
last-modified: Thu, 24 Dec 2020 10:57:26 GMT
server: AmazonS3
x-timer: S1609201662.106755,VS0,VE0
date: Tue, 29 Dec 2020 00:27:42 GMT
vary: Accept-Encoding
x-amz-request-id: 90B5B0AA16920474
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 10

GET
H2 200 6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9559 11 KB
11 KB 41ms
41ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 20570da9c5a6b449db8f3ed4132af5563d0315dcdbd2ba7b72938c0a26b5fd1a

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 601067
edge-cache-tag: 437979102097564947015754295813812764157,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length: 11144
x-request-id: 9ca3931a4dfb85c3321de5e7ab5a6279
x-served-by: cache-dca17730-DCA, cache-dca17720-DCA, cache-hhn11553-HHN
last-modified: Sun, 13 Dec 2020 13:37:52 GMT
server: cloudinary
x-timer: S1609201662.138429,VS0,VE1
etag: "8fb49adb2fa13a81c9a1d5ae53155f9a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 a1a6d014a0fa3c1c6e663e9e6671673d.jpg
images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70AC 9 KB
9 KB 41ms
41ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1a6d014a0fa3c1c6e663e9e6671673d.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ef0bf09d7c15f19d3ab83b09a1dfe6f6c9b2ded96aa276d37d9d2b448a3e043e

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 548634
edge-cache-tag: 460743299690442972842993906128007101257,540659292739394187659026934592982733625,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1a6d014a0fa3c1c6e663e9e6671673d.jpg
content-length: 8756
x-request-id: 23ac6d5d8de0c22093780feb21341822
x-served-by: cache-dca17743-DCA, cache-dca17775-DCA, cache-hhn11553-HHN
last-modified: Sat, 12 Dec 2020 06:50:36 GMT
server: cloudinary
x-timer: S1609201662.150309,VS0,VE0
etag: "423ac5d871a59fe81e81ff4347bdfa86"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 6729de944bd44677591efa8a068d78c6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70AC 9 KB
10 KB 35ms
34ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6729de944bd44677591efa8a068d78c6.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 296e82692e6109500e02fecb740df4cdc146fbc7770520f7a920b0c900893f4f

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 375168
edge-cache-tag: 569185551634416724011534736532593879140,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Fri, 25 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6729de944bd44677591efa8a068d78c6.png
content-length: 9474
x-served-by: cache-dca17732-DCA, cache-dca17748-DCA, cache-hhn11553-HHN
last-modified: Tue, 24 Nov 2020 06:59:34 GMT
server: cloudinary
x-timer: S1609201662.170212,VS0,VE0
etag: "648e9349cf9ca7fa62a14fcd1f41f4f4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 d4cf2822b65885006d2056293dcbb027.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70AC 3 KB
4 KB 31ms
31ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4cf2822b65885006d2056293dcbb027.jpeg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8c8b2ce696f1c9a649643185f48cd8b47c1f1c670fc197d45d736f1d6aa3953f

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3453492
edge-cache-tag: 578482212508458959211726236219319056423,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 12 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4cf2822b65885006d2056293dcbb027.jpeg
content-length: 3298
x-served-by: cache-dca17783-DCA, cache-dca17747-DCA, cache-hhn11553-HHN
last-modified: Wed, 11 Nov 2020 19:18:51 GMT
server: cloudinary
x-timer: S1609201662.180411,VS0,VE0
etag: "966eaf07df9b824ca1d8d257e516cb9c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 43

GET
H2 200 b7deb41540a311ece1367985b4a8b18e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70AC 6 KB
6 KB 41ms
41ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7deb41540a311ece1367985b4a8b18e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 63f61c3929543bed645e26c0dddaa7455fa166f42e205ae6d5af09f546b63a99

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3367844
edge-cache-tag: 426869329087978244006776865419876603401,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Fri, 20 Nov 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7deb41540a311ece1367985b4a8b18e.jpg
content-length: 5668
x-served-by: cache-dca17752-DCA, cache-dca17760-DCA, cache-hhn11553-HHN
last-modified: Tue, 20 Oct 2020 09:20:30 GMT
server: cloudinary
x-timer: S1609201662.191512,VS0,VE1
etag: "4e499083e4b48defe45d8a03873f5e75"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 bf46e2261a503600e5686c181ec0c0c4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70AC 4 KB
4 KB 31ms
31ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bf46e2261a503600e5686c181ec0c0c4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b6569a3a0bb02c34217c1d696eed9a1f2415e5980c27df396bef5f63002d8cea

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3391706
edge-cache-tag: 324788028256384030471150896147899739899,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 12 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bf46e2261a503600e5686c181ec0c0c4.jpg
content-length: 3808
x-served-by: cache-dca17781-DCA, cache-dca17733-DCA, cache-hhn11553-HHN
last-modified: Wed, 11 Nov 2020 20:18:13 GMT
server: cloudinary
x-timer: S1609201662.205490,VS0,VE0
etag: "5567d6f6ac1adbf4bb69254dad2a6162"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 8

GET
H2 200 ca01a9b098b6617e207306c68cb7e83c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70AC 9 KB
10 KB 31ms
31ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ca01a9b098b6617e207306c68cb7e83c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b041b051fb480ce73e721d06786a18c444081aea6d57d72437d90a1eac2025b4

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3195972
edge-cache-tag: 327481466903522534042740176874912222804,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ca01a9b098b6617e207306c68cb7e83c.jpg
content-length: 9352
x-request-id: a3bb412c8faf39ba802bc0cf76d21114
x-served-by: cache-dca17744-DCA, cache-dca17747-DCA, cache-hhn11553-HHN
last-modified: Tue, 17 Nov 2020 12:35:44 GMT
server: cloudinary
x-timer: S1609201662.211990,VS0,VE0
etag: "a4a68d2a6a74e01daa61438b8b034d35"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 32

GET
H2 200 a1a6d014a0fa3c1c6e663e9e6671673d.jpg
images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4205 9 KB
9 KB 34ms
33ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1a6d014a0fa3c1c6e663e9e6671673d.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ef0bf09d7c15f19d3ab83b09a1dfe6f6c9b2ded96aa276d37d9d2b448a3e043e

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 548634
edge-cache-tag: 460743299690442972842993906128007101257,540659292739394187659026934592982733625,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1a6d014a0fa3c1c6e663e9e6671673d.jpg
content-length: 8756
x-request-id: 23ac6d5d8de0c22093780feb21341822
x-served-by: cache-dca17743-DCA, cache-dca17775-DCA, cache-hhn11553-HHN
last-modified: Sat, 12 Dec 2020 06:50:36 GMT
server: cloudinary
x-timer: S1609201662.220167,VS0,VE0
etag: "423ac5d871a59fe81e81ff4347bdfa86"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

GET
H2 200 6729de944bd44677591efa8a068d78c6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4205 9 KB
10 KB 35ms
35ms Image
image/jpeg 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6729de944bd44677591efa8a068d78c6.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 296e82692e6109500e02fecb740df4cdc146fbc7770520f7a920b0c900893f4f

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Dec 2020 00:27:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 375168
edge-cache-tag: 569185551634416724011534736532593879140,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Fri, 25 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6729de944bd44677591efa8a068d78c6.png
content-length: 9474
x-served-by: cache-dca17732-DCA, cache-dca17748-DCA, cache-hhn11553-HHN
last-modified: Tue, 24 Nov 2020 06:59:34 GMT
server: cloudinary
x-timer: S1609201662.233453,VS0,VE0
etag: "648e9349cf9ca7fa62a14fcd1f41f4f4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET d4cf2822b65885006d2056293dcbb027.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4205 0
0

GET b7deb41540a311ece1367985b4a8b18e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4205 0
0

GET bf46e2261a503600e5686c181ec0c0c4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4205 0
0

GET ca01a9b098b6617e207306c68cb7e83c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4205 0
0

GET 1211693250__oHYiBsdz.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 1008 0
0

POST
H2 204 bulk Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 1008 0
215 B 40ms
40ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201662.712145,VS0,VE9
x-served-by: cache-hhn11553-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 1008 0
208 B 48ms
47ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201662.729477,VS0,VE9
x-served-by: cache-hhn11553-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 264A 0
57 B 51ms
51ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201662.746807,VS0,VE9
x-served-by: cache-hhn11553-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 1981 0
56 B 49ms
48ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201662.749934,VS0,VE9
x-served-by: cache-hhn11553-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 1981 0
56 B 48ms
47ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201662.751150,VS0,VE9
x-served-by: cache-hhn11553-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/ Frame 264A 0
56 B 61ms
61ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/indice-hwebcindario300x250gr-r17556235/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201224-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 29 Dec 2020 00:27:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1609201662.767423,VS0,VE9
x-served-by: cache-hhn11553-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://loged.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET 34b849099fc76ddaecc0c73d059cd4d6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 264A 0
0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 9559 254 B
650 B 33ms
32ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 3240
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1609201662.980045,VS0,VE0
date: Tue, 29 Dec 2020 00:27:41 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 18
x-cache-hits: 1282

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 70AC 254 B
748 B 53ms
52ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 3240
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1609201662.043451,VS0,VE0
date: Tue, 29 Dec 2020 00:27:42 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 18
x-cache-hits: 1283

GET a1a6d014a0fa3c1c6e663e9e6671673d.jpg
images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9559 0
0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 4205 254 B
748 B 34ms
34ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: loged.webcindario.com
URL: https://loged.webcindario.com/l-o-g/session/app/signin.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://loged.webcindario.com/l-o-g/session/app/signin.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 3240
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn11553-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1609201662.145846,VS0,VE0
date: Tue, 29 Dec 2020 00:27:42 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 18
x-cache-hits: 1284

GET 6729de944bd44677591efa8a068d78c6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9559 0
0

GET e466951ddcd47f0ca4d3030adb03aa8b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9559 0
0

GET 6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9559 0
0

GET a1a6d014a0fa3c1c6e663e9e6671673d.jpg
images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 70AC 0
0

GET ces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fac.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Ea... Frame 9559 0
0

GET a1a6d014a0fa3c1c6e663e9e6671673d.jpg
images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4205 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/2/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Domain: cds.taboola.com
URL: https://cds.taboola.com/?uid=085e4b5b-6b18-47de-a0cc-020a1b9edf16-tuct6e3fd7c&_r=6070127

Domain: i.liadm.com
URL: https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=137085097&mapped=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Domain: ml314.com
URL: https://ml314.com/utsync.ashx?eid=50077&et=0&fp=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Domain: pixel.advertising.com
URL: https://pixel.advertising.com/ups/55973/sync?uid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&_origin=1

Domain: i.liadm.com
URL: https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=137085097&mapped=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Domain: ml314.com
URL: https://ml314.com/utsync.ashx?eid=50077&et=0&fp=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Domain: pixel.advertising.com
URL: https://pixel.advertising.com/ups/55973/sync?uid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&_origin=1

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Domain: i.liadm.com
URL: https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=137085097&mapped=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Domain: ml314.com
URL: https://ml314.com/utsync.ashx?eid=50077&et=0&fp=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=bbd655c2-4912-4064-9036-7e0aec8fb8f2&brid=1ad3958e-57cd-4f58-80a2-9c478e047fdd&pid=w&uid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c

Domain: pixel.advertising.com
URL: https://pixel.advertising.com/ups/55973/sync?uid=eb27b90f-224a-4751-9033-d23d6104ab55-tuct6e3fd7c&_origin=1

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4cf2822b65885006d2056293dcbb027.jpeg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7deb41540a311ece1367985b4a8b18e.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bf46e2261a503600e5686c181ec0c0c4.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ca01a9b098b6617e207306c68cb7e83c.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1211693250__oHYiBsdz.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34b849099fc76ddaecc0c73d059cd4d6.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1211693250__oHYiBsdz.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1a6d014a0fa3c1c6e663e9e6671673d.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4cf2822b65885006d2056293dcbb027.jpeg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6729de944bd44677591efa8a068d78c6.png

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e466951ddcd47f0ca4d3030adb03aa8b.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1a6d014a0fa3c1c6e663e9e6671673d.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fac.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2FFAC.2Fvar.2Ffemmeactuelle.2Fstorage.2Fimages.2Factu.2Fpeople.2Fces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique-19004.2F12753127-1-fre-FR.2Fces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique.2Ejpg/737x415/quality/90/crop-from/center/ces-stars-qui-ont-eu-recours-a-la-chirurgie-esthetique.jpeg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6729de944bd44677591efa8a068d78c6.png

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4cf2822b65885006d2056293dcbb027.jpeg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7deb41540a311ece1367985b4a8b18e.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bf46e2261a503600e5686c181ec0c0c4.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ca01a9b098b6617e207306c68cb7e83c.jpg

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/h_100,w_160,c_fill,g_xy_center,x_504,y_574/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1a6d014a0fa3c1c6e663e9e6671673d.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.loged.webcindario.com/	1970-01-19 15:00:01	Name: _gat_UA-597118-1 Value: 1
.loged.webcindario.com/	1970-01-19 15:00:01	Name: _gat_UA-597118-7 Value: 1
.loged.webcindario.com/	1970-01-19 15:01:28	Name: _gid Value: GA1.3.451316701.1609201649
.loged.webcindario.com/	1970-01-20 08:31:13	Name: _ga Value: GA1.3.2109774187.1609201649
.webcindario.com/	1970-01-25 20:31:23	Name: __muid Value: 762cf7156256d3b29bd96a3919d034daaf6967fd

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4(Line 4) Message: [43m%s[0m Send completed [object Object]
console-api	log	URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=(Line 1) Message: %c [object HTMLImageElement]
console-api	warning	URL: https://loged.webcindario.com/l-o-g/session/app/signin.php(Line 133) Message: USP is not accessible
console-api	warning	URL: https://loged.webcindario.com/l-o-g/session/app/signin.php(Line 133) Message: USP is not accessible
console-api	log	(Line 6) Message: element .item-label-href arrived
console-api	log	(Line 6) Message: element .item-label-href arrived
console-api	log	(Line 6) Message: element .item-label-href arrived

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.projectagoraservices.com
adx.adform.net
beltornado2020.blogspot.com
bh.contextweb.com
bttrack.com
c1.adform.net
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
cuturl.net
d.agkn.com
des.smartclip.net
dis.criteo.com
dsp.adkernel.com
e1.emxdgt.com
hbopenbid.pubmatic.com
hosting.miarroba.info
i.liadm.com
ib.adnxs.com
images.taboola.com
img.sunmediaads.com
inv-nets.admixer.net
js.agkn.com
loadm.exelator.com
loged.webcindario.com
match.adsrvr.org
match.taboola.com
ml314.com
mwzeom.zeotap.com
odr.mookie1.com
p.rfihub.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
play.sunmediaads.com
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
projectagora-d.openx.net
projectagora.net
quantcast.mgr.consensu.org
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.c.appier.net
secure.quantserve.com
services.sunmedia.tv
servingcdn.net
simage2.pubmatic.com
static.sunmedia.tv
stats.g.doubleclick.net
sync-t1.taboola.com
sync.1dmp.io
sync.crwdcntrl.net
sync.richaudience.com
sync.taboola.com
tags.bluekai.com
track.sunmedia.tv
trc.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.storygize.net
x.bidswitch.net
c1.adform.net
cds.taboola.com
i.liadm.com
images.taboola.com
ml314.com
p.rfihub.com
pixel.advertising.com
pixel.onaudience.com
sync.1dmp.io
sync.crwdcntrl.net
104.111.246.202
139.180.217.94
141.226.224.32
141.226.228.48
146.0.227.110
147.75.102.200
159.69.72.190
172.105.221.29
172.217.21.226
174.137.133.49
178.250.2.151
18.195.155.181
185.33.221.15
185.64.189.110
185.64.189.112
185.86.137.132
185.86.139.95
192.132.33.46
198.148.27.139
199.232.137.44
212.92.55.6
216.52.2.39
2600:9000:206f:3000:6:44e3:f8c0:93a1
2600:9000:214f:8600:9:46dc:4700:93a1
2600:9000:214f:ae00:15:efbc:e300:93a1
2606:4700:10::6816:1857
2606:4700:20::681a:cc8
2606:4700:3035::6812:3c5e
2606:4700::6810:125e
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:808::2008
2a00:1450:4001:81a::2001
2a00:1450:4001:820::200e
2a00:1450:400c:c06::9b
2a02:26f0:10::5c7a:d4e0
3.121.49.210
3.138.133.95
34.255.253.25
34.98.67.61
35.244.159.8
37.157.2.235
5.57.226.202
51.89.64.207
51.89.99.150
52.29.85.133
52.30.140.199
52.31.46.99
52.57.142.16
52.57.98.174
54.149.132.44
54.194.51.120
69.173.144.165
89.255.248.54
0227eb7ce7a5a5e0878a63d59b5ce9509112274ddedfdc711caa17dd132ee2e3
051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0fe73c341759373b2b982a749b31305b5f9102faa1c12f33b7854877a9bdd54e
1663f95ea0126d1a415ee9ca499b8a137e542346004234a0c3df869b4b9b1a13
1b7b30e5d39ee70ff4346e1a6866466a63ac691d2d47233c35b0a739666f2920
1c2cf1caab896b6c9d71ff2c6ee2890657eb68e28aa543614f8061d372dc62bf
20570da9c5a6b449db8f3ed4132af5563d0315dcdbd2ba7b72938c0a26b5fd1a
296e82692e6109500e02fecb740df4cdc146fbc7770520f7a920b0c900893f4f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3159892982f15db626f723789c981fe4ddd4c3084982bbb1d0224c3c32b2fe18
34facdf1f8057f993bc7f5de07e3ea25a03b66e65d11e6e382823e8db951c2a2
365365fe04f0a45a2ace05b4e47705eb0a9cdbc9a91310673efa51a0e2771e63
3c7af3f6112d7a1ee75e2cff841531f52843b0d3a8d99cda08840d15aab0fe3d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43054834700582cdaf5b0cb5ba278e95556359145dc5b23335923fd2091c1a59
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
43b9d30c68e6583a9fd1779713362522eb175ccb318e252387f3e955156acee6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e5826ed2781fd7ee7851d820bb728069a43cdb36dfd158ea1ccbf05ff3b8a23
546be5174f4dccbab60a3cbeadcba6ceef55c4445893ab274e7f3a343cf3e4ad
55a045cf03d6a4bb83f0434f14cc9c07fa67e87a4573df5538048e567c153280
55a269603905b85df7f8e47f5b6db23c9fe400e7385ee25f669e2f9584f56e02
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5e1550d5b62e5db0901cd4c864141cd31e85d73b54c9f668f185d909b5ce5c42
620c53ec2b581b075b9003f2ec873fd8148dd5abbadd6b1fcefd0f83ef234c08
63f61c3929543bed645e26c0dddaa7455fa166f42e205ae6d5af09f546b63a99
688d136306f3b37ca1bb0fff96c65d0e6fb1f23ed44c1873d5afe8b7dbbcad28
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f99ffa535ca9eb906328ace3b9fb4ce2957f966c1fc45064b1b77f616e3c140
78bcf634d3f0963b83ce7c0b8a3718ec4e790bbf04c37f4196ead651a4639d4a
7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5
7c9ed027d443ce51ea593a7feb78fce2153ed461c653b703f1fd92c2753ae483
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c8b2ce696f1c9a649643185f48cd8b47c1f1c670fc197d45d736f1d6aa3953f
9133faf904c35de5f79be8708d16224288dc02f6a8118ae5a4bfc5f25171f1f0
97bb418350377b8793ce60dae56978ccaa2e0d7bac92ff2aaab481d214e842d8
994f1e42374da62e0cee6d313ded050cf25da1791bc6b93108b6c767ef9ee5c8
9e7837057243329a65ff8fff16bd7bb6b4039f6b8eab231ff881ecae492be699
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2ec414ec986d034d9632209d15a3b588e225eb043c1ce65de25549d1e44be5a
b041b051fb480ce73e721d06786a18c444081aea6d57d72437d90a1eac2025b4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
b6569a3a0bb02c34217c1d696eed9a1f2415e5980c27df396bef5f63002d8cea
b8b8fb5c1a0b3670ab9cb8b766f8b0ce282a29e58ce86f3518202a0fcde35955
c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c6629ee6b002a823a733380b3f811e5d4b1f69877f9b9f91510a5b65b1b9555a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d2077feca4c7d47457b724e1dba0636a33940d419f934bf1e0c6ab10a9bcd8fd
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
dbaf805f62216f58f90fadac586ffbbc9acc9c2ce2cd261e4b65b1cf054e0fd3
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
edf1fdb7ef88e8040b5755bc421e23bc4e98e21b905e1dd0cd277b81e2759a57
ef0bf09d7c15f19d3ab83b09a1dfe6f6c9b2ded96aa276d37d9d2b448a3e043e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef913f1b1f2132ba1e2ec53822307ae9fec4f6689efed38796061f49dc4ba8e8
f33f8c271b704a3a06db5ef14daa0a3b18e35643df7678ca1128e7500dc5728f
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb7102c896cc8fdb2eb83d2ad7e8968e8a22096d0537528cf94aa4b7455b8489
fcafffae44a7f4f64ef6dbd87f7498083117fa2c7a6c66e17ae6cc61c78eebb2

loged.webcindario.com Open in urlscan Pro 5.57.226.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

254 Requests

83 %HTTPS

29 %IPv6

52 Domains

67 Subdomains

47 IPs

13 Countries

1406 kBTransfer

4603 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

loged.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

254
Requests

83 %
HTTPS

29 %
IPv6

52
Domains

67
Subdomains

47
IPs

13
Countries

1406 kB
Transfer

4603 kB
Size

5
Cookies

254 HTTP transactions
0 data transactions